Digitalstack/ZnoteAAC
2
0
Fork 0
mirror of https://github.com/Znote/ZnoteAAC.git synced 2025-06-07 13:24:30 +02:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: Digitalstack:2.0-alpha
Branches Tags
Digitalstack:master
Digitalstack:v2
Digitalstack:2.0-alpha
Digitalstack:1.6
..
compare: Digitalstack:master
Branches Tags
Digitalstack:master
Digitalstack:v2
Digitalstack:2.0-alpha
Digitalstack:1.6

27 Commits
2.0-alpha ... master

Author SHA1 Message Date
Marek Madejski
dbc1e14ea7
Typo fix in login widget (#536) 
Typo fix "userame".
 2025-03-05 16:28:14 +01:00
Stefan A. Brannfjell
70a39d4cc7
Update cacert.pem 
https://curl.se/docs/caextract.html
 2024-02-25 21:12:50 +01:00
Emilianenko
001b12e762
Update guilds.php (#525) 
https://otland.net/threads/znote-guilds-php-small-issue.282623/
 2022-10-20 17:31:58 +02:00
Luan Luciano
9947d441b4
Update index.php (#522) 2022-08-02 12:07:23 +02:00
Luan Luciano
a67b03ba38
Fix function remainingTime (#521) 2022-08-02 12:07:04 +02:00
Stefan A. Brannfjell
cdaac6e974
Add gd image library to readme 
installed through etc:
`apt install php-gd` or `apt install php7.4-gd`
 2022-02-23 12:34:49 +01:00
Znote
78d35bb441 More accurate premium duration calculation. 
Dont skimp on the hours on the last day the premium expires.
 2022-01-29 23:01:03 +01:00
Michał "Gubihe
a531a18fad
Typo in footer.php (#504) 
Fixed bug introduced in https://github.com/Znote/ZnoteAAC/pull/502
 2022-01-21 13:23:05 +01:00
Michał "Gubihe
6d402cef28
microtime as float (#502) 2022-01-21 10:28:07 +01:00
Yujin Boby
4fb06fb4e5
make shop images work with SSL (https) (#501) 2022-01-17 11:10:04 +01:00
Znote
74890c1ea6 loginWebService correct pvptypes 2021-12-23 09:21:50 +01:00
Znote
88a13e6d10 Let admins bypass character list count restriction 2021-12-16 23:20:23 +01:00
Znote
47bbee9acf Fix #478 characterprofile message for pending deletions 2021-12-16 23:19:42 +01:00
Znote
0f4c67d37f Fix #497 Protocol 12 freePremium 
having an account as free, make lots of weirds widgets to appear in game and even some client features unavailable.
This unlocks protocol 12 client features for servers who use freePremium in config.lua
 2021-12-16 19:53:05 +01:00
Znote
52956f8dab Dont invoke IP validation if its disabled in config.php 2021-12-15 23:32:27 +01:00
Znote
f64d190e54 validate_ip bugfix 2021-12-15 23:31:02 +01:00
Znote
d5a11cbc76 SSL CA Root Certificates 2021-12-13 13:14:27 +01:00
Zbizu
7a9047da80 TFS 1.5 protocol 12 support 2021-12-09 02:21:01 +01:00
Evil Puncker
6be17886b3
Update config.php (#496) 2021-12-08 21:42:14 +01:00
Evil Puncker
3622ad173b
Lowering the size of onlinetime_ table sizes (#495) 
MEDIUMINT: 97 days
MEDIUMINT UNSIGNED: 194.2 days
INT: 68 years
INT UNSIGNED: 136.1 years

bigint was way too big for these values, thanks to @divinity76
 2021-11-19 02:44:12 +01:00
Evil Puncker
bb814f6eae
Fixed variable type for powergamers script (#492) 
exp history should be able to store negative values, yes
online time shouldn't
 2021-10-13 19:18:43 +02:00
Znote
ec55497c5a Fix img clipping in news feed 2021-07-24 05:17:14 +02:00
Stefan A. Brannfjell
563fa3a62b
Update README.md 2021-07-24 04:54:43 +02:00
Znote
541b95f926 minor adjustment to aside character search 2021-07-24 04:37:40 +02:00
Znote
32e5b6278e Fix #371 - fast APCu memory caching support 2021-07-24 00:38:58 +02:00
Znote
26c486ef27 Tagging Znote AAC as version 1.6 2021-07-22 17:57:09 +02:00
Znote
ddd54a932e Better guild validations, Fix #457 2021-07-22 17:30:49 +02:00
31 changed files with 2708 additions and 2257 deletions
Show Stats Expand all files Collapse all files

24
README.md
View File

@ -1,14 +1,6 @@
ZnoteAAC
========
[![CodeFactor](https://www.codefactor.io/repository/github/znote/znoteaac/badge)](https://www.codefactor.io/repository/github/znote/znoteaac)
### Branch: v2
The purpose of this branch is to server as code cleanup, and strip distro compatibility for anything below TFS 1.4.
I want to refactor some code, try to get Znote AAC a bit more lightweight. Remove single-use functions from globally included function files etc.
New features and bugfixes might arrive here first, and then backported to 1.5/6 (master branch).
---
### What is Znote AAC?
Znote AAC is a full-fledged website used together with an Open Tibia(OT) server.
@ -21,15 +13,6 @@ We use github to distribute our versions, stable are tagged as releases, while d
* [Stable](https://github.com/Znote/ZnoteAAC/releases)
* [Development](https://github.com/Znote/ZnoteAAC/archive/master.zip)
**NOTE:** Development version supports TFS 1.3, but you can expect bugs to occur.
### Compatible OT distributions
Znote AAC primarily aims to be compatible with [Forgotten Server](https://github.com/otland/forgottenserver)
Forgotten Server is commonly known as TFS (The Forgotten Server) and Znote AAC supports these versions:
* TFS 0.2.13+ (Since initial release)
* TFS 0.3.6+ (Since Znote AAC 1.2)
* TFS 1.2+ (Since Znote AAC 1.5)
### Requirements
* PHP Version 5.6 or higher. Mostly tested on 5.6 and 7.4. Most web stacks ships with this as default these days.
@ -37,6 +20,7 @@ Forgotten Server is commonly known as TFS (The Forgotten Server) and Znote AAC s
* For email registration verification and account recovery: [PHPMailer](https://github.com/PHPMailer/PHPMailer/releases) Version 6.x, extracted and renamed to just "PHPMailer" in Znote AAC directory.
* PHP extension curl for PHPMailer, paypal and google reCaptcha services.
* PHP extension openssl for google reCaptcha services.
* PHP extension gd for guild logos.
### Installation instructions
@ -64,11 +48,15 @@ This will show you the rest of the instructions as well as the mysql schema.
Znote AAC is very rich feature wise, here is an attempt at summarizing what we offer.
#### Server distribution compatibility:
- [Znote AAC 1.6](https://github.com/Znote/ZnoteAAC/releases/tag/1.6)
- OTHire
- TFS 0.2
- TFS 0.3/4
- TFS 1.x
- TFS 1.3
- Distributions based on these (such as OTX).
- Znote AAC 2.0 [v2 dev branch](https://github.com/Znote/ZnoteAAC/tree/v2)
- TFS 1.4
- OTservBR-Global
#### General
- Server wide latest death list

6
api/api.php
View File

@ -1,14 +1,12 @@
<?php
// Verify the PHP version, gives tutorial if fail.
if (version_compare(phpversion(), '7.2', '<')) die('PHP version 7.2 or higher is required.');
if (version_compare(phpversion(), '5.6', '<')) die('PHP version 5.6 or higher is required.');
if (!isset($filepath)) $filepath = '../';
$version = '2.0_DEV';
$version = '1.6';
session_start();
ob_start();
require_once $filepath.'config.php';
$sessionPrefix = $config['session_prefix'];
require_once $filepath.'engine/database/connect.php';
require_once $filepath.'engine/function/general.php';
require_once $filepath.'engine/function/cache.php';

172
characterprofile.php
View File

@ -11,6 +11,7 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) {
if ($user_id !== false) {
$loadOutfits = $config['show_outfits']['characterprofile'];
if ($config['ServerEngine'] == 'TFS_10') {
if (!$loadOutfits) {
$profile_data = user_character_data($user_id, 'account_id', 'name', 'level', 'group_id', 'vocation', 'health', 'healthmax', 'experience', 'mana', 'manamax', 'sex', 'lastlogin');
} else { // Load outfits
@ -26,6 +27,21 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) {
$user_id = (int) $user_id;
$achievementPoints = mysql_select_single("SELECT SUM(`value`) AS `sum` FROM `player_storage` WHERE `key` LIKE '30___' AND `player_id`={$user_id} LIMIT 1");
}
} else { // TFS 0.2, 0.3
if (!$loadOutfits) {
$profile_data = user_character_data($user_id, 'name', 'account_id', 'level', 'group_id', 'vocation', 'health', 'healthmax', 'experience', 'mana', 'manamax', 'lastlogin', 'online', 'sex');
} else { // Load outfits
if ($config['ServerEngine'] !== 'OTHIRE') {
if ($config['client'] < 780) {
$profile_data = user_character_data($user_id, 'name', 'account_id', 'level', 'group_id', 'vocation', 'health', 'healthmax', 'experience', 'mana', 'manamax', 'lastlogin', 'online', 'sex', 'lookbody', 'lookfeet', 'lookhead', 'looklegs', 'looktype');
} else {
$profile_data = user_character_data($user_id, 'name', 'account_id', 'level', 'group_id', 'vocation', 'health', 'healthmax', 'experience', 'mana', 'manamax', 'lastlogin', 'online', 'sex', 'lookbody', 'lookfeet', 'lookhead', 'looklegs', 'looktype', 'lookaddons');
}
} else {
$profile_data = user_character_data($user_id, 'name', 'account_id', 'level', 'group_id', 'vocation', 'health', 'healthmax', 'experience', 'mana', 'manamax', 'lastlogin', 'online', 'sex', 'lookbody', 'lookfeet', 'lookhead', 'looklegs', 'looktype');
}
}
}
$profile_znote_data = user_znote_character_data($user_id, 'created', 'hide_char', 'comment');
$guild_exist = false;
@ -66,22 +82,17 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) {
</thead>
<tbody>
<!-- Player Position -->
<?php if ($profile_data['group_id'] > 1):
$position = mysql_select_single("
SELECT
`a`.`type`
FROM `players` AS `p`
INNER JOIN `accounts` AS `a`
ON `p`.`account_id` = `a`.`id`
WHERE
`a`.`type` > 1
AND `p`.`id` = '{$user_id}'
");
$position = (isset($config['ingame_positions'][$position['type']])) ? $config['ingame_positions'][$position['type']] : "Unknown";
?>
<?php if ($profile_data['group_id'] > 1): ?>
<tr>
<td>Position</td>
<td><?php echo $position; ?></td>
<td><?php echo group_id_to_name($profile_data['group_id']); ?></td>
</tr>
<?php endif;
// pending deletion?
$deletion_time = mysql_select_single("SELECT `time` FROM `znote_deleted_characters` WHERE `character_name`='{$name}' AND `done` = '0' LIMIT 1;");
if ($deletion_time !== false): ?>
<tr>
<td colspan="2" style="color: red;">Flagged for deletion by owner after <?php echo $deletion_time['time']; ?>.</td>
</tr>
<?php endif; ?>
<!-- Player male / female -->
@ -120,9 +131,19 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) {
<?php endif; ?>
<!-- Display house start -->
<?php
if ($config['ServerEngine'] !== 'TFS_02') {
// Compatibility fix
$column_town_id = array(
'OTHIRE' => 'townid',
'TFS_03' => 'town'
// Default: town_id
);
$column_town_id = (isset($column_town_id[$config['ServerEngine']]))
? $column_town_id[$config['ServerEngine']]
: 'town_id';
$houses = mysql_select_multi("
SELECT `id`, `owner`, `name`, `town_id` AS `town_id`
SELECT `id`, `owner`, `name`, `{$column_town_id}` AS `town_id`
FROM `houses`
WHERE `owner` = {$user_id};
");
@ -135,6 +156,7 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) {
</tr>
<?php endforeach;
}
}
?>
<!-- Display player status -->
<tr class="status_<?php echo ($profile_data['online']) ? 'online' : 'offline'; ?>">
@ -165,13 +187,16 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) {
AND `pid`<'11'
");
$soulStamina = " `soul`, `stamina`,";
$soulStamina = (in_array($config['ServerEngine'], ['TFS_10']))
? " `soul`, `stamina`,"
: " `p`.`soul`, `p`.`stamina`,";
if ($config['client'] < 780) {
$soulStamina = " 0 AS `soul`, 0 AS `stamina`,";
}
$player_query = "
SELECT
$player_query = (in_array($config['ServerEngine'], ['TFS_10']))
? /* true */ "SELECT
`health`, `healthmax`,
`mana`, `manamax`,
`cap`,
@ -187,8 +212,31 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) {
`skill_fishing`
FROM `players`
WHERE `id`={$user_id}
LIMIT 1;
";
LIMIT 1;"
: /* false */ "SELECT
`p`.`health`, `p`.`healthmax`,
`p`.`mana`, `p`.`manamax`,
`p`.`cap`,
`p`.`experience`, `p`.`level`,
{$soulStamina}
`p`.`maglevel`,
`fist`.`value` AS `skill_fist`,
`club`.`value` AS `skill_club`,
`sword`.`value` AS `skill_sword`,
`axe`.`value` AS `skill_axe`,
`dist`.`value` AS `skill_dist`,
`shield`.`value` AS `skill_shielding`,
`fish`.`value` AS `skill_fishing`
FROM `players` AS `p`
LEFT JOIN `player_skills` AS `fist` ON `p`.`id` = `fist`.`player_id` AND `fist`.`skillid` = 0
LEFT JOIN `player_skills` AS `club` ON `p`.`id` = `club`.`player_id` AND `club`.`skillid` = 1
LEFT JOIN `player_skills` AS `sword` ON `p`.`id` = `sword`.`player_id` AND `sword`.`skillid` = 2
LEFT JOIN `player_skills` AS `axe` ON `p`.`id` = `axe`.`player_id` AND `axe`.`skillid` = 3
LEFT JOIN `player_skills` AS `dist` ON `p`.`id` = `dist`.`player_id` AND `dist`.`skillid` = 4
LEFT JOIN `player_skills` AS `shield` ON `p`.`id` = `shield`.`player_id` AND `shield`.`skillid` = 5
LEFT JOIN `player_skills` AS `fish` ON `p`.`id` = `fish`.`player_id` AND `fish`.`skillid` = 6
WHERE `p`.`id`= {$user_id}
LIMIT 1;";
$playerstats = mysql_select_single($player_query);
$playerstats['experience'] = number_format($playerstats['experience'],0,'',',');
@ -211,8 +259,9 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) {
[133,134,143,144,145],
[146,151,152,153,154],
[251,268,273,278,289],
[325,328,335,367],
//430,432,463,465,472,512,516,541,574,577,610,619,633,634,637,665,667,684,695,697,699,725,733,746,750,760,846,853,873,884,899
[325,328,335,367,430],
[432,463,465,472,512],
//516,541,574,577,610,619,633,634,637,665,667,684,695,697,699,725,733,746,750,760,846,853,873,884,899
);
$female_outfits = array(
@ -220,8 +269,9 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) {
[141,142,147,148,149],
[150,155,156,157,158],
[252,269,270,279,288],
[324,329,336,366],
//431,433,464,466,471,513,514,542,575,578,618,620,632,635,636,664,666,683,694,696,698,724,732,745,749,759,845,852,874,885,900
[324,329,336,366,431],
[433,464,466,471,513],
//514,542,575,578,618,620,632,635,636,664,666,683,694,696,698,724,732,745,749,759,845,852,874,885,900
);
$featured_outfits = ($profile_data['sex'] == 1) ? $male_outfits : $female_outfits;
@ -368,15 +418,11 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) {
}
#piv_flex img {
position: absolute;
bottom: 0;
right: 0;
}
#piv_i .inventory_outfit {
position: absolute;
top: 130px;
left: -24px;
width: 64px;
height: 64px;
}
#piv_lifebar {
position: absolute;
@ -672,6 +718,7 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) {
</thead>
<tbody>
<?php
if ($config['ServerEngine'] == 'TFS_10') {
$deaths = mysql_select_multi("
SELECT
`player_id`,
@ -730,6 +777,63 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) {
</tr>
<?php
}
} elseif ($config['ServerEngine'] == 'TFS_02') {
$array = user_fetch_deathlist($user_id);
if ($array) {
foreach ($array as $value):
if ($value['is_player'] == 1) {
$value['killed_by'] = 'player: <a href="characterprofile.php?name='. $value['killed_by'] .'">'. $value['killed_by'] .'</a>';
} else {
$value['killed_by'] = 'monster: '. $value['killed_by'] .'.';
}
?>
<tr>
<td><?php echo getClock($value['time'], true, true); ?></td>
<td><?php echo 'Killed at level '. $value['level'] .' by '. $value['killed_by']; ?></td>
</tr>
<?php endforeach;
} else {
?>
<tr>
<td colspan="2">This player has never died.</td>
</tr>
<?php
}
} elseif (in_array($config['ServerEngine'], array('TFS_03', 'OTHIRE'))) {
//mysql_select_single("SELECT * FROM players WHERE name='TEST DEBUG';");
$array = user_fetch_deathlist03($user_id);
if ($array) {
// Design and present the list
foreach ($array as $value):
$value[3] = user_get_killer_id(user_get_kid($value['id']));
if ($value[3] !== false && $value[3] >= 1) {
$namedata = user_character_data((int)$value[3], 'name');
if ($namedata !== false) {
$value[3] = $namedata['name'];
$value[3] = 'player: <a href="characterprofile.php?name='. $value[3] .'">'. $value[3] .'</a>';
} else {
$value[3] = 'deleted player.';
}
} else {
$value[3] = user_get_killer_m_name(user_get_kid($value['id']));
if ($value[3] === false) {
$value[3] = 'deleted player.';
}
}
?>
<tr>
<td><?php echo getClock($value['date'], true, true); ?></td>
<td><?php echo 'Killed at level '. $value['level'] .' by '. $value[3]; ?></td>
</tr>
<?php endforeach;
} else {
?>
<tr>
<td colspan="2">This player has never died.</td>
</tr>
<?php
}
}
?>
</tbody>
</table>
@ -796,6 +900,14 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) {
<!-- CHARACTER LIST -->
<?php
// Backward compatibility
$select_online = "CASE WHEN `l`.`player_id` IS NULL THEN 0 else 1 END as `online`";
$join_online = "LEFT JOIN `players_online` as `l` ON `p`.`id` = `l`.`player_id`";
if ($config['ServerEngine'] != 'TFS_10') {
$select_online = "`p`.`online`";
$join_online = "";
}
// Load other visible characters
$otherChars = mysql_select_multi("
SELECT
@ -804,7 +916,7 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) {
`p`.`level`,
`p`.`vocation`,
`p`.`lastlogin`,
CASE WHEN `l`.`player_id` IS NULL THEN 0 else 1 END as `online`
{$select_online}
FROM `players` as `o`
JOIN `players` as `p`
ON `o`.`account_id` = `p`.`account_id`
@ -812,7 +924,7 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) {
ON `p`.`id` = `z`.`player_id`
LEFT JOIN `znote_players` as `z2`
ON `o`.`id` = `z2`.`player_id`
LEFT JOIN `players_online` as `l` ON `p`.`id` = `l`.`player_id`
{$join_online}
WHERE `o`.`id` = {$user_id}
AND `p`.`id` != `o`.`id`
AND `z`.`hide_char` = 0

6
config.php
View File

@ -537,6 +537,7 @@
// Minimum allowed letters in character name. Ex: 4 letters: "Kare".
$config['minL'] = 3;
// Maximum allowed letters in character name. Ex: 20 letters: "Bobkareolesofiesberg"
// Pre QT clients (lower than version 11) support only 20 letters max, while newer clients support up to 25
$config['maxL'] = 20;
// Maximum allowed words in character name. Ex: 2 words = "Bob Kare", 3 words: "Bob Arne Kare" as maximum char name words.
$config['maxW'] = 3;
@ -657,6 +658,8 @@
'port' => 7172,
'name' => 'Forgotten' // Must be identical to config.lua (OT config file) server name.
);
// Unlock all protocol 12 client features? Free premium in config.lua? Then set this to true.
$config['freePremium'] = true;
// How often do you want highscores (cache) to update?
$config['cache'] = array(
@ -673,9 +676,6 @@
'firstaccountName',
'secondaccountName',
);
// Allow admins to see executed SQL queries overlay
// Useful for testing and optimizing query usage on website
$config['admin_show_queries'] = true;
// Built-in FORUM
// Enable forum, enable guildboards, level to create threads/post in them

2
createcharacter.php
View File

@ -67,7 +67,7 @@ if (empty($_POST) === false) {
}
// Char count
$char_count = user_character_list_count($session_user_id);
if ($char_count >= $config['max_characters']) {
if ($char_count >= $config['max_characters'] && !is_admin($user_data)) {
$errors[] = 'Your account is not allowed to have more than '. $config['max_characters'] .' characters.';
}
if (validate_ip(getIP()) === false && $config['validate_IP'] === true) {

1196
engine/cert/cacert.pem
View File

File diff suppressed because it is too large Load Diff

7
engine/database/connect.php
View File

@ -1,15 +1,14 @@
<?php
$time = time();
if (!isset($version)) $version = '2.0_DEV';
if (!isset($version)) $version = '1.6';
if (!function_exists("elapsedTime")) {
function elapsedTime($l_start = false, $l_time = false) {
if ($l_start === false) global $l_start;
if ($l_time === false) global $l_time;
$l_time = explode(' ', microtime());
$l_finish = $l_time[1] + $l_time[0];
return round(($l_finish - $l_start), 4);
$l_time = microtime(true);
return round(($l_time - $l_start), 4);
}
}

2
engine/database/znote_schema.sql
View File

@ -1,6 +1,6 @@
-- Start of Znote AAC database schema
SET @znote_version = '2.0_DEV';
SET @znote_version = '1.6';
CREATE TABLE IF NOT EXISTS `znote` (
`id` int NOT NULL AUTO_INCREMENT,

5
engine/footer.php
View File

@ -1,10 +1,7 @@
<footer>
&copy; Znote AAC.
<?php
$time = microtime();
$time = explode(' ', $time);
$time = $time[1] + $time[0];
$finish = $time;
$finish = microtime(true);
$total_time = round(($finish - $start), 4);
echo 'Server date and clock is: '. getClock(false, true) .' Page generated in '. $total_time .' seconds. ';
?>

2
engine/function/cache.php
View File

@ -103,7 +103,7 @@ class Cache
$remaining = 0;
if ($this->_memory) {
if (apcu_exists($this->_file)) {
$meta = apc_cache_info('user');
$meta = apcu_cache_info();
foreach ($meta['cache_list'] AS $item) {
if ($item['info'] == $this->_file) {
$remaining = ($item['creation_time'] + $item['ttl']) - time();

87
engine/function/general.php
View File

@ -231,7 +231,7 @@ function validate_name($string) {
// Checks if an IPv4(or localhost IPv6) address is valid
function validate_ip($ip) {
$ipL = safeIp2Long($ip);
$ipR = long2ip($ipL);
$ipR = long2ip((int)$ipL);
if ($ip === $ipR) {
return true;
@ -422,8 +422,10 @@ function output_errors($errors) {
return '<ul><li>'. implode('</li><li>', $errors) .'</li></ul>';
}
// Resize images and create image
// Resize images
function resize_imagex($file, $width, $height) {
list($w, $h) = getimagesize($file['tmp']);
$ratio = max($width/$w, $height/$h);
@ -441,8 +443,7 @@ function resize_imagex($file, $width, $height) {
0, 0,
$x, 0,
$width, $height,
$w, $h
);
$w, $h);
imagegif($tmp, $path);
imagedestroy($image);
@ -451,44 +452,72 @@ function resize_imagex($file, $width, $height) {
return true;
}
// Validate guild logo
// Guild logo upload security
function check_image($image) {
$image_data = array(
'new_name' => $_GET['name'].'.gif',
'name' => $image['name'],
'tmp' => $image['tmp_name'],
'error' => $image['error'],
'size' => $image['size'],
'type' => $image['type']
);
if ($image_data['type'] !== 'image/gif') {
header('Location: guilds.php?error=Only gif images are accepted, you uploaded:['.$image_data['type'].'].&name='. $_GET['name']);
exit();
}
$image_data = array('new_name' => $_GET['name'].'.gif', 'name' => $image['name'], 'tmp' => $image['tmp_name'], 'error' => $image['error'], 'size' => $image['size'], 'type' => $image['type']);
// First security check, quite useless but still do its job
if ($image_data['type'] === 'image/gif') {
// Second security check, lets go
$check = getimagesize($image_data['tmp']);
if (!$check) {
header('Location: guilds.php?error=Uploaded image is invalid.&name='. $_GET['name']);
exit();
}
if ($check['mime'] !== 'image/gif') {
header('Location: guilds.php?error=Only gif images accepted, you uploaded:['.$check['mime'].'].&name='. $_GET['name']);
exit();
}
if ($check) {
// Third
if ($check['mime'] === 'image/gif') {
$path_info = pathinfo($image_data['name']);
if ($path_info['extension'] !== 'gif') {
// Last one
if ($path_info['extension'] === 'gif') {
// Resize image
$img = resize_imagex($image_data, 100, 100);
if ($img) {
header('Location: guilds.php?name='. $_GET['name']);
exit();
}
} else {
header('Location: guilds.php?error=Only gif images accepted, you uploaded:['.$path_info['extension'].'].&name='. $_GET['name']);
exit();
}
// Resize image
if (resize_imagex($image_data, 100, 100)) {
header('Location: guilds.php?name='. $_GET['name']);
} else {
header('Location: guilds.php?error=Only gif images accepted, you uploaded:['.$check['mime'].'].&name='. $_GET['name']);
exit();
}
} else {
header('Location: guilds.php?error=Uploaded image is invalid.&name='. $_GET['name']);
exit();
}
} else {
header('Location: guilds.php?error=Only gif images are accepted, you uploaded:['.$image_data['type'].'].&name='. $_GET['name']);
exit();
}
}
// Check guild logo
function logo_exists($guild) {
$guild = sanitize($guild);
if (file_exists('engine/guildimg/'.$guild.'.gif')) {
echo'engine/guildimg/'.$guild.'.gif';
} else {
echo'engine/guildimg/default@logo.gif';
}
}
function generateRandomString($length = 16) {

410
engine/function/users.php
View File

@ -143,18 +143,7 @@ function support_list03() {
// NEWS
function fetchAllNews() {
return mysql_select_multi("
SELECT
`n`.`id`,
`n`.`title`,
`n`.`text`,
`n`.`date`,
`p`.`name`
FROM `znote_news` AS `n`
INNER JOIN `players` AS `p`
ON `n`.`pid` = `p`.`id`
ORDER BY `n`.`id` DESC;
");
return mysql_select_multi("SELECT `n`.`id`, `n`.`title`, `n`.`text`, `n`.`date`, `p`.`name` FROM `znote_news` AS `n` INNER JOIN `players` AS `p` ON `n`.`pid` = `p`.`id` ORDER BY `n`.`id` DESC;");
}
// HOUSES
@ -261,6 +250,62 @@ function guild_remove_member_10($cid) {
mysql_update("DELETE FROM `guild_membership` WHERE `player_id`='$cid' LIMIT 1;");
}
// Change guild rank name.
function guild_change_rank($rid, $name) {
$rid = (int)$rid;
$name = sanitize($name);
mysql_update("UPDATE `guild_ranks` SET `name`='$name' WHERE `id`=$rid");
}
// Change guild leader (parameters: cid, new and old leader).
function guild_change_leader($nCid, $oCid) {
$nCid = (int)$nCid;
$oCid = (int)$oCid;
$gid = guild_leader_gid($oCid);
$ranks = get_guild_rank_data($gid);
$leader_rid = 0;
$vice_rid = 0;
// Get rank id for leader and vice leader.
foreach ($ranks as $rank) {
if ($rank['level'] == 3) $leader_rid = $rank['id'];
if ($rank['level'] == 2) $vice_rid = $rank['id'];
}
$status = false;
if ($leader_rid > 0 && $vice_rid > 0) $status = true;
// Verify that we found the rank ids for vice leader and leader.
if ($status) {
// Update players and set their new rank id
if (config('ServerEngine') !== 'TFS_10') {
mysql_update("UPDATE `players` SET `rank_id`='$leader_rid' WHERE `id`=$nCid LIMIT 1;");
mysql_update("UPDATE `players` SET `rank_id`='$vice_rid' WHERE `id`=$oCid LIMIT 1;");
} else {
mysql_update("UPDATE `guild_membership` SET `rank_id`='$leader_rid' WHERE `player_id`=$nCid LIMIT 1;");
mysql_update("UPDATE `guild_membership` SET `rank_id`='$vice_rid' WHERE `player_id`=$oCid LIMIT 1;");
}
// Update guilds set new ownerid
guild_new_leader($nCid, $gid);
}
return $status;
}
// Changes leadership of aguild to player_id
function guild_new_leader($new_leader, $gid) {
$new_leader = (int)$new_leader;
$gid = (int)$gid;
if (config('ServerEngine') !== 'OTHIRE')
mysql_update("UPDATE `guilds` SET `ownerid`='$new_leader' WHERE `id`=$gid");
else
mysql_update("UPDATE `guilds` SET `owner_id`='$new_leader' WHERE `id`=$gid");
}
// Returns $gid of a guild leader($cid).
function guild_leader_gid($leader) {
$leader = (int)$leader;
@ -281,12 +326,158 @@ function guild_leader($gid) {
return ($data !== false) ? $data['ownerid'] : false;
}
// Disband guild
function guild_remove_invites($gid) {
$gid = (int)$gid;
mysql_delete("DELETE FROM `guild_invites` WHERE `guild_id`='$gid';");
}
// Remove guild invites
function guild_delete($gid) {
$gid = (int)$gid;
mysql_delete("DELETE FROM `guilds` WHERE `id`='$gid';");
}
// Player leave guild
function guild_player_leave($cid) {
$cid = (int)$cid;
mysql_update("UPDATE `players` SET `rank_id`='0', `guildnick`= NULL WHERE `id`=$cid LIMIT 1;");
}
function guild_player_leave_10($cid) {
$cid = (int)$cid;
mysql_delete("DELETE FROM `guild_membership` WHERE `player_id`='$cid' LIMIT 1;");
}
// Player join guild
function guild_player_join($cid, $gid) {
$cid = (int)$cid;
$gid = (int)$gid;
// Create a status we can return depending on results.
$status = false;
if (config('ServerEngine') !== 'TFS_10') {
// Get rank data
$ranks = get_guild_rank_data($gid);
// Locate rank id for regular member position in this guild
$rid = false;
foreach ($ranks as $rank) {
if ($rank['level'] == 1) $rid = $rank['id'];
}
// Add to guild if rank id was found:
if ($rid != false) {
// Remove the invite:
//guild_remove_invitation($cid, $gid);
guild_remove_all_invitations($cid);
// Add to guild:
mysql_update("UPDATE `players` SET `rank_id`='$rid' WHERE `id`=$cid");
$status = true;
}
} else {
// Find rank id for regular member in this guild
$guildrank = mysql_select_single("SELECT `id` FROM `guild_ranks` WHERE `guild_id`='$gid' AND `level`='1' LIMIT 1;");
if ($guildrank !== false) {
$rid = $guildrank['id'];
// Remove invite
//guild_remove_invitation($cid, $gid);
guild_remove_all_invitations($cid);
// Add to guild
mysql_insert("INSERT INTO `guild_membership` (`player_id`, `guild_id`, `rank_id`, `nick`) VALUES ('$cid', '$gid', '$rid', '');");
// Return success
return true;
} return false;
}
return $status;
}
// Remove cid invitation from guild (gid)
function guild_remove_invitation($cid, $gid) {
$cid = (int)$cid;
$gid = (int)$gid;
mysql_delete("DELETE FROM `guild_invites` WHERE `player_id`='$cid' AND `guild_id`='$gid';");
}
// Remove ALL invitations
function guild_remove_all_invitations($cid) {
$cid = (int)$cid;
mysql_delete("DELETE FROM `guild_invites` WHERE `player_id`='$cid';");
}
// Invite character to guild
function guild_invite_player($cid, $gid) {
$cid = (int)$cid;
$gid = (int)$gid;
mysql_insert("INSERT INTO `guild_invites` (`player_id`, `guild_id`) VALUES ('$cid', '$gid')");
}
// Gets a list of invited players to a particular guild.
function guild_invite_list($gid) {
$gid = (int)$gid;
return mysql_select_multi("SELECT `gi`.`player_id`, `gi`.`guild_id`, `p`.`name` FROM `guild_invites` AS `gi` INNER JOIN `players` AS `p` ON `gi`.`player_id`=`p`.`id` WHERE `gi`.`guild_id`='$gid';");
}
// Update player's guild position
function update_player_guild_position($cid, $rid) {
$cid = (int)$cid;
$rid = (int)$rid;
mysql_update("UPDATE `players` SET `rank_id`='$rid' WHERE `id`=$cid");
}
function update_player_guild_position_10($cid, $rid) {
$cid = (int)$cid;
$rid = (int)$rid;
mysql_update("UPDATE `guild_membership` SET `rank_id`='$rid' WHERE `player_id`=$cid");
}
// Update player's guild nick
function update_player_guildnick($cid, $nick) {
$cid = (int)$cid;
$nick = sanitize($nick);
if (!empty($nick)) {
mysql_update("UPDATE `players` SET `guildnick`='$nick' WHERE `id`=$cid");
} else {
mysql_update("UPDATE `players` SET `guildnick`='' WHERE `id`=$cid");
}
}
function update_player_guildnick_10($cid, $nick) {
$cid = (int)$cid;
$nick = sanitize($nick);
if (!empty($nick)) {
mysql_update("UPDATE `guild_membership` SET `nick`='$nick' WHERE `player_id`=$cid");
} else {
mysql_update("UPDATE `guild_membership` SET `nick`='' WHERE `player_id`=$cid");
}
}
// Get guild data, using guild id.
function get_guild_rank_data($gid) {
$gid = (int)$gid;
return mysql_select_multi("SELECT `id`, `guild_id`, `name`, `level` FROM `guild_ranks` WHERE `guild_id`='$gid' ORDER BY `id` DESC LIMIT 0, 30");
}
// Creates a guild, where cid is the owner of the guild, and name is the name of guild.
function create_guild($cid, $name) {
$cid = (int)$cid;
$name = trim(preg_replace('/\s\s+/', ' ', str_replace("\n", " ", sanitize($name))));
$time = time();
// Create the guild
if (config('ServerEngine') !== 'OTHIRE')
mysql_insert("INSERT INTO `guilds` (`name`, `ownerid`, `creationdata`, `motd`) VALUES ('$name', '$cid', '$time', '');");
else
mysql_insert("INSERT INTO `guilds` (`name`, `owner_id`, `creationdate`) VALUES ('$name', '$cid', '$time');");
// Get guild id
$gid = get_guild_id($name);
// Get rank id for guild leader
$data = mysql_select_single("SELECT `id` FROM `guild_ranks` WHERE `guild_id`='$gid' AND `level`='3' LIMIT 1;");
$rid = ($data !== false) ? $data['id'] : false;
// Give player rank id for leader of his guild
if (config('ServerEngine') !== 'TFS_10') mysql_update("UPDATE `players` SET `rank_id`='$rid' WHERE `id`='$cid' LIMIT 1;");
else mysql_insert("INSERT INTO `guild_membership` (`player_id`, `guild_id`, `rank_id`, `nick`) VALUES ('$cid', '$gid', '$rid', '');");
}
// Search player table on cid for his rank_id, returns rank_id
function get_character_guild_rank($cid) {
$cid = (int)$cid;
@ -306,6 +497,13 @@ function get_player_guild_rank($rank_id) {
return ($data !== false) ? $data['name'] : false;
}
// Get a player guild position ID, using his rank_id
function get_guild_position($rid) {
$rid = (int)$rid;
$data = mysql_select_single("SELECT `level` FROM `guild_ranks` WHERE `id`=$rid;");
return ($data !== false) ? $data['level'] : false;
}
// Get a players rank_id, guild_id, rank_level(ID), rank_name(string), using cid(player id)
function get_player_guild_data($cid) {
$cid = (int)$cid;
@ -324,7 +522,7 @@ function get_player_guild_data($cid) {
// Returns guild name of guild id
function get_guild_name($gid) {
$gid = (int)$gid;
$guild = mysql_select_single("SELECT `name` FROM `guilds` WHERE `id`={$gid} LIMIT 1;");
$guild = mysql_select_single("SELECT `name` FROM `guilds` WHERE `id`=$gid LIMIT 1;");
if ($guild !== false) return $guild['name'];
else return false;
}
@ -332,7 +530,7 @@ function get_guild_name($gid) {
// Returns guild id from name
function get_guild_id($name) {
$name = sanitize($name);
$data = mysql_select_single("SELECT `id` FROM `guilds` WHERE `name`='{$name}';");
$data = mysql_select_single("SELECT `id` FROM `guilds` WHERE `name`='$name';");
return ($data !== false) ? $data['id'] : false;
}
@ -375,6 +573,18 @@ function get_guild_level_data($gid) {
} else return false;
}
// Returns total members in a guild (integer)
function count_guild_members($gid) {
$gid = (int)$gid;
if (config('ServerEngine') !== 'TFS_10') {
$data = mysql_select_single("SELECT COUNT(p.id) AS total FROM players AS p LEFT JOIN guild_ranks AS gr ON gr.id = p.rank_id WHERE gr.guild_id =$gid");
return ($data !== false) ? $data['total'] : false;
} else {
$data = mysql_select_single("SELECT COUNT('guild_id') AS `total` FROM `guild_membership` WHERE `guild_id`='$gid';");
return ($data !== false) ? $data['total'] : false;
}
}
//
// GUILD WAR
//
@ -651,30 +861,16 @@ function user_character_list($account_id) {
//$count = user_character_list_count($account_id);
$account_id = (int)$account_id;
$characters = mysql_select_multi("
SELECT
`p`.`id`,
`p`.`name`,
`p`.`level`,
`p`.`vocation`,
`p`.`town_id`,
`p`.`lastlogin`,
`gm`.`rank_id`,
`zp`.`hide_char`,
CASE WHEN `po`.`player_id` IS NULL
THEN 0
ELSE 1
END AS `online`
FROM `players` AS `p`
LEFT JOIN `guild_membership` AS `gm`
ON `p`.`id`=`gm`.`player_id`
LEFT JOIN `players_online` AS `po`
ON `p`.`id`=`po`.`player_id`
LEFT JOIN `znote_players` AS `zp`
ON `p`.`id`=`zp`.`player_id`
WHERE `p`.`account_id`='{$account_id}'
ORDER BY `p`.`level` DESC
");
if (config('ServerEngine') == 'TFS_10') {
$characters = mysql_select_multi("SELECT `p`.`id`, `p`.`name`, `p`.`level`, `p`.`vocation`, `p`.`town_id`, `p`.`lastlogin`, `gm`.`rank_id`, `po`.`player_id` AS `online` FROM `players` AS `p` LEFT JOIN `guild_membership` AS `gm` ON `p`.`id`=`gm`.`player_id` LEFT JOIN `players_online` AS `po` ON `p`.`id`=`po`.`player_id` WHERE `p`.`account_id`='$account_id' ORDER BY `p`.`level` DESC");
if ($characters !== false) {
for ($i = 0; $i < count($characters); $i++) {
$characters[$i]['online'] = ($characters[$i]['online'] > 0) ? 1 : 0;
//unset($characters[$i]['id']);
}
}
} else $characters = mysql_select_multi("SELECT `id`, `name`, `level`, `vocation`, `town_id`, `lastlogin`, `online`, `rank_id` FROM `players` WHERE `account_id`='$account_id' ORDER BY `level` DESC");
if ($characters !== false) {
$count = count($characters);
@ -714,11 +910,15 @@ function user_character_list_count($account_id) {
// HIGHSCORE FUNCTIONS \\
function fetchAllScores($rows, $tfs, $g, $vlist, $v = -1, $flags = false, $outfits = false) {
if (config('ServerEngine') !== 'OTHIRE') {
if (config('client') < 780) {
$outfits = ($outfits) ? ", `p`.`lookbody` AS `body`, `p`.`lookfeet` AS `feet`, `p`.`lookhead` AS `head`, `p`.`looklegs` AS `legs`, `p`.`looktype` AS `type`" : "";
} else {
$outfits = ($outfits) ? ", `p`.`lookbody` AS `body`, `p`.`lookfeet` AS `feet`, `p`.`lookhead` AS `head`, `p`.`looklegs` AS `legs`, `p`.`looktype` AS `type`, `p`.`lookaddons` AS `addons`" : "";
}
} else {
$outfits = ($outfits) ? ", `p`.`lookbody` AS `body`, `p`.`lookfeet` AS `feet`, `p`.`lookhead` AS `head`, `p`.`looklegs` AS `legs`, `p`.`looktype` AS `type`" : "";
}
// Return scores ordered by type and vocation (if set)
$data = array();
@ -756,30 +956,59 @@ function fetchAllScores($rows, $tfs, $g, $vlist, $v = -1, $flags = false, $outfi
if ($vGrp !== 'all')
$v = (strpos($vGrp, ',') !== false) ? 'AND `p`.`vocation` IN ('. $vGrp . ')' : 'AND `p`.`vocation` = \''.intval($vGrp).'\'';
if ($tfs == 'TFS_10') {
if ($flags === false) { // In this case we only need to query players table
$v = str_replace('`p`.', '', $v);
$outfits = str_replace('`p`.', '', $outfits);
$vocGroups[$vGrp][1] = mysql_select_multi("SELECT `name`, `vocation`, `lastlogout`, `skill_club` AS `value` $outfits FROM `players` WHERE `group_id` < $g $v ORDER BY `skill_club` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][2] = mysql_select_multi("SELECT `name`, `vocation`, `lastlogout`, `skill_sword` AS `value` $outfits FROM `players` WHERE `group_id` < $g $v ORDER BY `skill_sword` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][3] = mysql_select_multi("SELECT `name`, `vocation`, `lastlogout`, `skill_axe` AS `value` $outfits FROM `players` WHERE `group_id` < $g $v ORDER BY `skill_axe` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][4] = mysql_select_multi("SELECT `name`, `vocation`, `lastlogout`, `skill_dist` AS `value` $outfits FROM `players` WHERE `group_id` < $g $v ORDER BY `skill_dist` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][5] = mysql_select_multi("SELECT `name`, `vocation`, `lastlogout`, `skill_shielding` AS `value` $outfits FROM `players` WHERE `group_id` < $g $v ORDER BY `skill_shielding` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][6] = mysql_select_multi("SELECT `name`, `vocation`, `lastlogout`, `skill_fishing` AS `value` $outfits FROM `players` WHERE `group_id` < $g $v ORDER BY `skill_fishing` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][7] = mysql_select_multi("SELECT `name`, `vocation`, `lastlogout`, `experience`, `level` AS `value` $outfits FROM `players` WHERE `group_id` < $g $v ORDER BY `experience` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][8] = mysql_select_multi("SELECT `name`, `vocation`, `lastlogout`, `maglevel` AS `value` $outfits FROM `players` WHERE `group_id` < $g $v ORDER BY `maglevel` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][9] = mysql_select_multi("SELECT `name`, `vocation`, `lastlogout`, `skill_fist` AS `value` $outfits FROM `players` WHERE `group_id` < $g $v ORDER BY `skill_fist` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][1] = mysql_select_multi("SELECT `name`, `vocation`, `skill_club` AS `value` $outfits FROM `players` WHERE `group_id` < $g $v ORDER BY `skill_club` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][2] = mysql_select_multi("SELECT `name`, `vocation`, `skill_sword` AS `value` $outfits FROM `players` WHERE `group_id` < $g $v ORDER BY `skill_sword` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][3] = mysql_select_multi("SELECT `name`, `vocation`, `skill_axe` AS `value` $outfits FROM `players` WHERE `group_id` < $g $v ORDER BY `skill_axe` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][4] = mysql_select_multi("SELECT `name`, `vocation`, `skill_dist` AS `value` $outfits FROM `players` WHERE `group_id` < $g $v ORDER BY `skill_dist` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][5] = mysql_select_multi("SELECT `name`, `vocation`, `skill_shielding` AS `value` $outfits FROM `players` WHERE `group_id` < $g $v ORDER BY `skill_shielding` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][6] = mysql_select_multi("SELECT `name`, `vocation`, `skill_fishing` AS `value` $outfits FROM `players` WHERE `group_id` < $g $v ORDER BY `skill_fishing` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][7] = mysql_select_multi("SELECT `name`, `vocation`, `experience`, `level` AS `value` $outfits FROM `players` WHERE `group_id` < $g $v ORDER BY `experience` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][8] = mysql_select_multi("SELECT `name`, `vocation`, `maglevel` AS `value` $outfits FROM `players` WHERE `group_id` < $g $v ORDER BY `maglevel` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][9] = mysql_select_multi("SELECT `name`, `vocation`, `skill_fist` AS `value` $outfits FROM `players` WHERE `group_id` < $g $v ORDER BY `skill_fist` DESC LIMIT 0, $rows;");
} else { // Inner join znote_accounts table to retrieve the flag
$vocGroups[$vGrp][1] = mysql_select_multi("SELECT `p`.`name`, `p`.`vocation`, `p`.`lastlogout`, `p`.`skill_club` AS `value`, `za`.`flag` $outfits FROM `players` AS `p` INNER JOIN `znote_accounts` AS `za` ON `p`.`account_id`=`za`.`account_id` WHERE `p`.`group_id` < $g $v ORDER BY `p`.`skill_club` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][2] = mysql_select_multi("SELECT `p`.`name`, `p`.`vocation`, `p`.`lastlogout`, `p`.`skill_sword` AS `value`, `za`.`flag` $outfits FROM `players` AS `p` INNER JOIN `znote_accounts` AS `za` ON `p`.`account_id`=`za`.`account_id` WHERE `p`.`group_id` < $g $v ORDER BY `p`.`skill_sword` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][3] = mysql_select_multi("SELECT `p`.`name`, `p`.`vocation`, `p`.`lastlogout`, `p`.`skill_axe` AS `value`, `za`.`flag` $outfits FROM `players` AS `p` INNER JOIN `znote_accounts` AS `za` ON `p`.`account_id`=`za`.`account_id` WHERE `p`.`group_id` < $g $v ORDER BY `p`.`skill_axe` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][4] = mysql_select_multi("SELECT `p`.`name`, `p`.`vocation`, `p`.`lastlogout`, `p`.`skill_dist` AS `value`, `za`.`flag` $outfits FROM `players` AS `p` INNER JOIN `znote_accounts` AS `za` ON `p`.`account_id`=`za`.`account_id` WHERE `p`.`group_id` < $g $v ORDER BY `p`.`skill_dist` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][5] = mysql_select_multi("SELECT `p`.`name`, `p`.`vocation`, `p`.`lastlogout`, `p`.`skill_shielding` AS `value`, `za`.`flag` $outfits FROM `players` AS `p` INNER JOIN `znote_accounts` AS `za` ON `p`.`account_id`=`za`.`account_id` WHERE `p`.`group_id` < $g $v ORDER BY `p`.`skill_shielding` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][6] = mysql_select_multi("SELECT `p`.`name`, `p`.`vocation`, `p`.`lastlogout`, `p`.`skill_fishing` AS `value`, `za`.`flag` $outfits FROM `players` AS `p` INNER JOIN `znote_accounts` AS `za` ON `p`.`account_id`=`za`.`account_id` WHERE `p`.`group_id` < $g $v ORDER BY `p`.`skill_fishing` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][7] = mysql_select_multi("SELECT `p`.`name`, `p`.`vocation`, `p`.`lastlogout`, `p`.`experience`, `level` AS `value`, `za`.`flag` $outfits FROM `players` AS `p` INNER JOIN `znote_accounts` AS `za` ON `p`.`account_id`=`za`.`account_id` WHERE `p`.`group_id` < $g $v ORDER BY `p`.`experience` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][8] = mysql_select_multi("SELECT `p`.`name`, `p`.`vocation`, `p`.`lastlogout`, `p`.`maglevel` AS `value`, `za`.`flag` $outfits FROM `players` AS `p` INNER JOIN `znote_accounts` AS `za` ON `p`.`account_id`=`za`.`account_id` WHERE `p`.`group_id` < $g $v ORDER BY `p`.`maglevel` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][9] = mysql_select_multi("SELECT `p`.`name`, `p`.`vocation`, `p`.`lastlogout`, `p`.`skill_fist` AS `value`, `za`.`flag` $outfits FROM `players` AS `p` INNER JOIN `znote_accounts` AS `za` ON `p`.`account_id`=`za`.`account_id` WHERE `p`.`group_id` < $g $v ORDER BY `p`.`skill_fist` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][1] = mysql_select_multi("SELECT `p`.`name`, `p`.`vocation`, `p`.`skill_club` AS `value`, `za`.`flag` $outfits FROM `players` AS `p` INNER JOIN `znote_accounts` AS `za` ON `p`.`account_id`=`za`.`account_id` WHERE `p`.`group_id` < $g $v ORDER BY `p`.`skill_club` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][2] = mysql_select_multi("SELECT `p`.`name`, `p`.`vocation`, `p`.`skill_sword` AS `value`, `za`.`flag` $outfits FROM `players` AS `p` INNER JOIN `znote_accounts` AS `za` ON `p`.`account_id`=`za`.`account_id` WHERE `p`.`group_id` < $g $v ORDER BY `p`.`skill_sword` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][3] = mysql_select_multi("SELECT `p`.`name`, `p`.`vocation`, `p`.`skill_axe` AS `value`, `za`.`flag` $outfits FROM `players` AS `p` INNER JOIN `znote_accounts` AS `za` ON `p`.`account_id`=`za`.`account_id` WHERE `p`.`group_id` < $g $v ORDER BY `p`.`skill_axe` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][4] = mysql_select_multi("SELECT `p`.`name`, `p`.`vocation`, `p`.`skill_dist` AS `value`, `za`.`flag` $outfits FROM `players` AS `p` INNER JOIN `znote_accounts` AS `za` ON `p`.`account_id`=`za`.`account_id` WHERE `p`.`group_id` < $g $v ORDER BY `p`.`skill_dist` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][5] = mysql_select_multi("SELECT `p`.`name`, `p`.`vocation`, `p`.`skill_shielding` AS `value`, `za`.`flag` $outfits FROM `players` AS `p` INNER JOIN `znote_accounts` AS `za` ON `p`.`account_id`=`za`.`account_id` WHERE `p`.`group_id` < $g $v ORDER BY `p`.`skill_shielding` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][6] = mysql_select_multi("SELECT `p`.`name`, `p`.`vocation`, `p`.`skill_fishing` AS `value`, `za`.`flag` $outfits FROM `players` AS `p` INNER JOIN `znote_accounts` AS `za` ON `p`.`account_id`=`za`.`account_id` WHERE `p`.`group_id` < $g $v ORDER BY `p`.`skill_fishing` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][7] = mysql_select_multi("SELECT `p`.`name`, `p`.`vocation`, `p`.`experience`, `level` AS `value`, `za`.`flag` $outfits FROM `players` AS `p` INNER JOIN `znote_accounts` AS `za` ON `p`.`account_id`=`za`.`account_id` WHERE `p`.`group_id` < $g $v ORDER BY `p`.`experience` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][8] = mysql_select_multi("SELECT `p`.`name`, `p`.`vocation`, `p`.`maglevel` AS `value`, `za`.`flag` $outfits FROM `players` AS `p` INNER JOIN `znote_accounts` AS `za` ON `p`.`account_id`=`za`.`account_id` WHERE `p`.`group_id` < $g $v ORDER BY `p`.`maglevel` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][9] = mysql_select_multi("SELECT `p`.`name`, `p`.`vocation`, `p`.`skill_fist` AS `value`, `za`.`flag` $outfits FROM `players` AS `p` INNER JOIN `znote_accounts` AS `za` ON `p`.`account_id`=`za`.`account_id` WHERE `p`.`group_id` < $g $v ORDER BY `p`.`skill_fist` DESC LIMIT 0, $rows;");
}
} else { // TFS 0.2, 0.3, 0.4
if ($flags === false) {
$vocGroups[$vGrp][9] = mysql_select_multi("SELECT `s`.`player_id` AS `id`, `s`.`value` AS `value`, `p`.`name` AS `name`, `p`.`vocation` AS `vocation` $outfits FROM `player_skills` AS `s` LEFT JOIN `players` AS `p` ON `s`.`player_id`=`p`.`id` WHERE `s`.`skillid` = 0 AND `p`.`group_id` < $g $v ORDER BY `s`.`value` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][1] = mysql_select_multi("SELECT `s`.`player_id` AS `id`, `s`.`value` AS `value`, `p`.`name` AS `name`, `p`.`vocation` AS `vocation` $outfits FROM `player_skills` AS `s` LEFT JOIN `players` AS `p` ON `s`.`player_id`=`p`.`id` WHERE `s`.`skillid` = 1 AND `p`.`group_id` < $g $v ORDER BY `s`.`value` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][2] = mysql_select_multi("SELECT `s`.`player_id` AS `id`, `s`.`value` AS `value`, `p`.`name` AS `name`, `p`.`vocation` AS `vocation` $outfits FROM `player_skills` AS `s` LEFT JOIN `players` AS `p` ON `s`.`player_id`=`p`.`id` WHERE `s`.`skillid` = 2 AND `p`.`group_id` < $g $v ORDER BY `s`.`value` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][3] = mysql_select_multi("SELECT `s`.`player_id` AS `id`, `s`.`value` AS `value`, `p`.`name` AS `name`, `p`.`vocation` AS `vocation` $outfits FROM `player_skills` AS `s` LEFT JOIN `players` AS `p` ON `s`.`player_id`=`p`.`id` WHERE `s`.`skillid` = 3 AND `p`.`group_id` < $g $v ORDER BY `s`.`value` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][4] = mysql_select_multi("SELECT `s`.`player_id` AS `id`, `s`.`value` AS `value`, `p`.`name` AS `name`, `p`.`vocation` AS `vocation` $outfits FROM `player_skills` AS `s` LEFT JOIN `players` AS `p` ON `s`.`player_id`=`p`.`id` WHERE `s`.`skillid` = 4 AND `p`.`group_id` < $g $v ORDER BY `s`.`value` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][5] = mysql_select_multi("SELECT `s`.`player_id` AS `id`, `s`.`value` AS `value`, `p`.`name` AS `name`, `p`.`vocation` AS `vocation` $outfits FROM `player_skills` AS `s` LEFT JOIN `players` AS `p` ON `s`.`player_id`=`p`.`id` WHERE `s`.`skillid` = 5 AND `p`.`group_id` < $g $v ORDER BY `s`.`value` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][6] = mysql_select_multi("SELECT `s`.`player_id` AS `id`, `s`.`value` AS `value`, `p`.`name` AS `name`, `p`.`vocation` AS `vocation` $outfits FROM `player_skills` AS `s` LEFT JOIN `players` AS `p` ON `s`.`player_id`=`p`.`id` WHERE `s`.`skillid` = 6 AND `p`.`group_id` < $g $v ORDER BY `s`.`value` DESC LIMIT 0, $rows;");
$v = str_replace('`p`.', '', $v);
$outfits = str_replace('`p`.', '', $outfits);
$vocGroups[$vGrp][7] = mysql_select_multi("SELECT `id`, `name`, `vocation`, `experience`, `level` AS `value` $outfits $outfits FROM `players` WHERE `group_id` < $g $v ORDER BY `experience` DESC limit 0, $rows;");
$vocGroups[$vGrp][8] = mysql_select_multi("SELECT `id`, `name`, `vocation`, `maglevel` AS `value` $outfits $outfits FROM `players` WHERE `group_id` < $g $v ORDER BY `maglevel` DESC limit 0, $rows;");
} else { // Inner join znote_accounts table to retrieve the flag
$vocGroups[$vGrp][9] = mysql_select_multi("SELECT `s`.`player_id` AS `id`, `s`.`value` AS `value`, `p`.`name` AS `name`, `p`.`vocation` AS `vocation`, `za`.`flag` AS `flag` $outfits FROM `player_skills` AS `s` INNER JOIN `players` AS `p` ON `s`.`player_id`=`p`.`id` INNER JOIN `znote_accounts` AS `za` ON `p`.`account_id`=`za`.`account_id` WHERE `s`.`skillid` = 0 AND `p`.`group_id` < $g $v ORDER BY `s`.`value` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][1] = mysql_select_multi("SELECT `s`.`player_id` AS `id`, `s`.`value` AS `value`, `p`.`name` AS `name`, `p`.`vocation` AS `vocation`, `za`.`flag` AS `flag` $outfits FROM `player_skills` AS `s` INNER JOIN `players` AS `p` ON `s`.`player_id`=`p`.`id` INNER JOIN `znote_accounts` AS `za` ON `p`.`account_id`=`za`.`account_id` WHERE `s`.`skillid` = 1 AND `p`.`group_id` < $g $v ORDER BY `s`.`value` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][2] = mysql_select_multi("SELECT `s`.`player_id` AS `id`, `s`.`value` AS `value`, `p`.`name` AS `name`, `p`.`vocation` AS `vocation`, `za`.`flag` AS `flag` $outfits FROM `player_skills` AS `s` INNER JOIN `players` AS `p` ON `s`.`player_id`=`p`.`id` INNER JOIN `znote_accounts` AS `za` ON `p`.`account_id`=`za`.`account_id` WHERE `s`.`skillid` = 2 AND `p`.`group_id` < $g $v ORDER BY `s`.`value` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][3] = mysql_select_multi("SELECT `s`.`player_id` AS `id`, `s`.`value` AS `value`, `p`.`name` AS `name`, `p`.`vocation` AS `vocation`, `za`.`flag` AS `flag` $outfits FROM `player_skills` AS `s` INNER JOIN `players` AS `p` ON `s`.`player_id`=`p`.`id` INNER JOIN `znote_accounts` AS `za` ON `p`.`account_id`=`za`.`account_id` WHERE `s`.`skillid` = 3 AND `p`.`group_id` < $g $v ORDER BY `s`.`value` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][4] = mysql_select_multi("SELECT `s`.`player_id` AS `id`, `s`.`value` AS `value`, `p`.`name` AS `name`, `p`.`vocation` AS `vocation`, `za`.`flag` AS `flag` $outfits FROM `player_skills` AS `s` INNER JOIN `players` AS `p` ON `s`.`player_id`=`p`.`id` INNER JOIN `znote_accounts` AS `za` ON `p`.`account_id`=`za`.`account_id` WHERE `s`.`skillid` = 4 AND `p`.`group_id` < $g $v ORDER BY `s`.`value` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][5] = mysql_select_multi("SELECT `s`.`player_id` AS `id`, `s`.`value` AS `value`, `p`.`name` AS `name`, `p`.`vocation` AS `vocation`, `za`.`flag` AS `flag` $outfits FROM `player_skills` AS `s` INNER JOIN `players` AS `p` ON `s`.`player_id`=`p`.`id` INNER JOIN `znote_accounts` AS `za` ON `p`.`account_id`=`za`.`account_id` WHERE `s`.`skillid` = 5 AND `p`.`group_id` < $g $v ORDER BY `s`.`value` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][6] = mysql_select_multi("SELECT `s`.`player_id` AS `id`, `s`.`value` AS `value`, `p`.`name` AS `name`, `p`.`vocation` AS `vocation`, `za`.`flag` AS `flag` $outfits FROM `player_skills` AS `s` INNER JOIN `players` AS `p` ON `s`.`player_id`=`p`.`id` INNER JOIN `znote_accounts` AS `za` ON `p`.`account_id`=`za`.`account_id` WHERE `s`.`skillid` = 6 AND `p`.`group_id` < $g $v ORDER BY `s`.`value` DESC LIMIT 0, $rows;");
$vocGroups[$vGrp][7] = mysql_select_multi("SELECT `p`.`id`, `p`.`name`, `p`.`vocation`, `p`.`experience`, `p`.`level` AS `value`, `za`.`flag` AS `flag` $outfits FROM `players` AS `p` INNER JOIN `znote_accounts` AS `za` ON `p`.`account_id`=`za`.`account_id` WHERE `p`.`group_id` < $g $v ORDER BY `p`.`experience` DESC limit 0, $rows;");
$vocGroups[$vGrp][8] = mysql_select_multi("SELECT `p`.`id`, `p`.`name`, `p`.`vocation`, `p`.`maglevel` AS `value`, `za`.`flag` AS `flag` $outfits FROM `players` AS `p` INNER JOIN `znote_accounts` AS `za` ON `p`.`account_id`=`za`.`account_id` WHERE `p`.`group_id` < $g $v ORDER BY `p`.`maglevel` DESC limit 0, $rows;");
}
}
}
}
@ -885,14 +1114,37 @@ function user_account_id_from_name($id) {
// Add additional premium days to account id
function user_account_add_premdays($accid, $days) {
global $tfs_10_hasPremDays; // Initialized in engine/init.php
$accid = (int)$accid;
$days = (int)$days;
mysql_update("
UPDATE `accounts`
SET `premium_ends_at` = GREATEST(`premium_ends_at`, UNIX_TIMESTAMP(CURDATE())) + ({$days} * 86400)
if (config('ServerEngine') !== 'OTHIRE') {
if ($tfs_10_hasPremDays) {
if (mysql_select_single("SHOW COLUMNS from `accounts` WHERE `Field` = 'lastday'") === false) {
mysql_update("UPDATE `accounts` SET `premdays` = `premdays`+{$days} WHERE `id`='{$accid}'");
} else {
mysql_update(" UPDATE `accounts`
SET `premdays` = `premdays`+{$days}
,`lastday` = GREATEST(`lastday`,UNIX_TIMESTAMP()) + ({$days} * 86400)
WHERE `id`='{$accid}'
");
}
} else {
mysql_update(" UPDATE `accounts`
SET `premium_ends_at` = GREATEST(`premium_ends_at`, UNIX_TIMESTAMP()) + ({$days} * 86400)
WHERE `id`='{$accid}';
");
}
} else {
$data = mysql_select_single("SELECT `premend` FROM `accounts` WHERE `id`='$accid';");
$tmp = $data['premend'];
if($tmp == 0)
$tmp = time() + ($days * 24 * 60 * 60);
else
$tmp = $tmp + ($days * 24 * 60 * 60);
mysql_update("UPDATE `accounts` SET `premend`='$tmp' WHERE `id`='$accid'");
}
}
// Name = char name. Changes from male to female & vice versa.
function user_character_change_gender($name) {
@ -1195,8 +1447,19 @@ function user_create_character($character_data) {
// Returns counted value of all players online
function user_count_online() {
if (config('ServerEngine') == 'TFS_10') {
$online = mysql_select_single("SELECT COUNT(`player_id`) AS `value` FROM `players_online`;");
return ($online !== false) ? $online['value'] : 0;
} else {
$data = mysql_select_single("SELECT COUNT(`id`) AS `count` from `players` WHERE `online` = 1;");
return ($data !== false) ? $data['count'] : 0;
}
}
// Returns counted value of all accounts.
function user_count_accounts() {
$result = mysql_select_single("SELECT COUNT(`id`) AS `id` from `accounts`;");
return ($result !== false) ? $result['id'] : 0;
}
/* user_character_data (fetches whatever data you want from players table)!
@ -1473,4 +1736,33 @@ function user_logged_in() {
return (getSession('user_id') !== false) ? true : false;
}
function guild_war_invitation($cid, $gid) {
$cid = (int)$cid;
$gid = (int)$gid;
$gname = get_guild_name($cid);
$ename = get_guild_name($gid);
$time = time();
mysql_insert("INSERT INTO `guild_wars` (`guild1`, `guild2`, `name1`, `name2`, `status`, `started`, `ended`) VALUES ('$cid', '$gid', '$gname', '$ename', '0', '$time', '0');");
}
function accept_war_invitation($cid, $gid) {
$cid = (int)$cid;
$gid = (int)$gid;
mysql_update("UPDATE `guild_wars` SET `status` = 1 WHERE `guild1` = '$cid' AND `guild2` = '$gid' AND `status` = 0;");
}
function reject_war_invitation($cid, $gid) {
$cid = (int)$cid;
$gid = (int)$gid;
$time = time();
mysql_update("UPDATE `guild_wars` SET `status` = 2, `ended` = '$time' WHERE `guild1` = '$cid' AND `guild2` = '$gid';");
}
function cancel_war_invitation($cid, $gid) {
$cid = (int)$cid;
$gid = (int)$gid;
$time = time();
mysql_update("UPDATE `guild_wars` SET `status` = 3, `ended` = '$time' WHERE `guild2` = '$cid' AND `guild1` = '$gid';");
}
?>

25
engine/init.php
View File

@ -1,8 +1,6 @@
<?php if (version_compare(phpversion(), '7.2', '<')) die('PHP version 7.2 or higher is required.');
<?php if (version_compare(phpversion(), '5.6', '<')) die('PHP version 5.6 or higher is required.');
$l_time = microtime();
$l_time = explode(' ', $l_time);
$l_time = $l_time[1] + $l_time[0];
$l_time = microtime(true);
$l_start = $l_time;
function elapsedTime($l_start = false, $l_time = false) {
@ -15,7 +13,7 @@ function elapsedTime($l_start = false, $l_time = false) {
}
$time = time();
$version = '2.0_DEV';
$version = '1.6';
$aacQueries = 0;
$accQueriesData = array();
@ -50,10 +48,25 @@ if (isset($_SESSION['token'])) {
}
Token::generate();
$tfs_10_hasPremDays = true; // https://github.com/otland/forgottenserver/pull/2813
if (user_logged_in() === true) {
$session_user_id = (int)getSession('user_id');
$session_user_id = getSession('user_id');
if ($config['ServerEngine'] !== 'OTHIRE') {
if ($config['ServerEngine'] == 'TFS_10') {
$hasPremDays = mysql_select_single("SHOW COLUMNS from `accounts` WHERE `Field` = 'premdays'");
if ($hasPremDays === false) {
$tfs_10_hasPremDays = false;
$user_data = user_data($session_user_id, 'id', 'name', 'password', 'email', 'premium_ends_at');
$user_data['premdays'] = ($user_data['premium_ends_at'] - time() > 0) ? floor(($user_data['premium_ends_at'] - time()) / 86400) : 0;
} else {
$user_data = user_data($session_user_id, 'id', 'name', 'password', 'email', 'premdays');
}
} else {
$user_data = user_data($session_user_id, 'id', 'name', 'password', 'email', 'premdays');
}
} else
$user_data = user_data($session_user_id, 'id', 'password', 'email', 'premend');
$user_znote_data = user_znote_account_data($session_user_id, 'ip', 'created', 'points', 'cooldown', 'flag' ,'active_email');
}
$errors = array();

699
guilds.php
View File

File diff suppressed because it is too large Load Diff

130
house.php
View File

@ -4,22 +4,12 @@ if ($config['log_ip']) {
}
$house = (isset($_GET['id']) && (int)$_GET['id'] > 0) ? (int)$_GET['id'] : false;
$house_SQL = "";
if ($house !== false) {
$house_SQL = "
SELECT
`h`.`id`, `h`.`owner`, `h`.`paid`, `h`.`name`, `h`.`rent`, `h`.`town_id`,
`h`.`size`, `h`.`beds`, `h`.`bid`, `h`.`bid_end`, `h`.`last_bid`, `h`.`highest_bidder`,
`p`.`name` AS `ownername`
FROM `houses` AS `h`
LEFT JOIN `players` AS `p`
ON `h`.`owner` > 0
AND `p`.`id` = `h`.`owner`
WHERE `h`.`id`='{$house}';
";
if ($house !== false && $config['ServerEngine'] === 'TFS_10') {
$house_SQL = "SELECT `id`, `owner`, `paid`, `name`, `rent`, `town_id`, `size`, `beds`, `bid`, `bid_end`, `last_bid`, `highest_bidder` FROM `houses` WHERE `id`='$house';";
$house = mysql_select_single($house_SQL);
$minbid = $config['houseConfig']['minimumBidSQM'] * $house['size'];
if ($house['owner'] == 0) unset($house['ownername']);
if ($house['owner'] > 0) $house['ownername'] = user_name($house['owner']);
if ($config['houseConfig']['shopPoints']['enabled']) {
$house['points'] = $house['size'];
@ -38,36 +28,19 @@ if ($house !== false) {
if ($bid_amount && $bid_char) {
$bid_char = (int)$bid_char;
$bid_amount = (int)$bid_amount;
$player = mysql_select_single("
SELECT `id`, `account_id`, `name`, `level`, `balance`
FROM `players`
WHERE `id`='$bid_char' LIMIT 1;
");
$player = mysql_select_single("SELECT `id`, `account_id`, `name`, `level`, `balance` FROM `players` WHERE `id`='$bid_char' LIMIT 1;");
if (user_logged_in() === true && $player['account_id'] == $session_user_id) {
// Does player have or need premium?
$premstatus = ($config['houseConfig']['requirePremium'] && $user_data['premdays'] == 0) ? false : true;
if ($premstatus) {
// Can player have or bid on more houses?
$pHouseCount = mysql_select_single("
SELECT COUNT('id') AS `value`
FROM `houses`
WHERE (
(`highest_bidder`='{$bid_char}' AND `owner`='{$bid_char}')
OR (`highest_bidder`='{$bid_char}')
OR (`owner`='{$bid_char}')
)
AND `id`!='{$house['id']}' LIMIT 1;
");
$pHouseCount = mysql_select_single("SELECT COUNT('id') AS `value` FROM `houses` WHERE ((`highest_bidder`='$bid_char' AND `owner`='$bid_char') OR (`highest_bidder`='$bid_char') OR (`owner`='$bid_char')) AND `id`!='".$house['id']."' LIMIT 1;");
if ($pHouseCount['value'] < $config['houseConfig']['housesPerPlayer']) {
// Is character level high enough?
if ($player['level'] >= $config['houseConfig']['levelToBuyHouse']) {
// Can player afford this bid?
if ($player['balance'] > $bid_amount) {
// Is bid higher than previous bid?
if ($bid_amount > $house['bid']) {
// Is bid higher than lowest bid?
@ -82,51 +55,17 @@ if ($house !== false) {
// Has bid already started?
if ($house['bid_end'] > 0) {
if ($house['bid_end'] > time()) {
mysql_update("
UPDATE `houses`
SET
`highest_bidder`='{$player['id']}',
`bid`='{$bid_amount}',
`last_bid`='{$lastbid}'
WHERE `id`='{$house['id']}' LIMIT 1;
");
$house = mysql_select_single("
SELECT
`id`, `owner`, `paid`, `name`, `rent`, `town_id`, `size`,
`beds`, `bid`, `bid_end`, `last_bid`, `highest_bidder`
FROM `houses`
WHERE `id`='{$house['id']}';
");
mysql_update("UPDATE `houses` SET `highest_bidder`='". $player['id'] ."', `bid`='$bid_amount', `last_bid`='$lastbid' WHERE `id`='". $house['id'] ."' LIMIT 1;");
$house = mysql_select_single("SELECT `id`, `owner`, `paid`, `name`, `rent`, `town_id`, `size`, `beds`, `bid`, `bid_end`, `last_bid`, `highest_bidder` FROM `houses` WHERE `id`='". $house['id'] ."';");
}
} else {
$lastbid = $minbid + 1;
$bidend = time() + $config['houseConfig']['auctionPeriod'];
mysql_update("
UPDATE `houses`
SET
`highest_bidder`='{$player['id']}',
`bid`='{$bid_amount}',
`last_bid`='{$lastbid}',
`bid_end`='{$bidend}'
WHERE `id`='{$house['id']}' LIMIT 1;
");
$house = mysql_select_single("
SELECT
`id`, `owner`, `paid`, `name`, `rent`, `town_id`, `size`,
`beds`, `bid`, `bid_end`, `last_bid`, `highest_bidder`
FROM `houses`
WHERE `id`='{$house['id']}';
");
mysql_update("UPDATE `houses` SET `highest_bidder`='". $player['id'] ."', `bid`='$bid_amount', `last_bid`='$lastbid', `bid_end`='$bidend' WHERE `id`='". $house['id'] ."' LIMIT 1;");
$house = mysql_select_single("SELECT `id`, `owner`, `paid`, `name`, `rent`, `town_id`, `size`, `beds`, `bid`, `bid_end`, `last_bid`, `highest_bidder` FROM `houses` WHERE `id`='". $house['id'] ."';");
}
echo "<b><font color='green'>You have the highest bid on this house!</font></b>";
} else echo "<b><font color='red'>You need to place a bid that is higher or equal to {$minbid}gp.</font></b>";
} else {
// Check if current bid is higher than last_bid
if ($bid_amount > $house['last_bid']) {
@ -134,21 +73,8 @@ if ($house !== false) {
// being forced to pay his full previous bid.
if ($house['highest_bidder'] != $player['id']) {
$lastbid = $bid_amount + 1;
mysql_update("
UPDATE `houses`
SET `last_bid`='$lastbid'
WHERE `id`='{$house['id']}' LIMIT 1;
");
$house = mysql_select_single("
SELECT
`id`, `owner`, `paid`, `name`, `rent`, `town_id`, `size`,
`beds`, `bid`, `bid_end`, `last_bid`, `highest_bidder`
FROM `houses`
WHERE `id`='{$house['id']}';
");
mysql_update("UPDATE `houses` SET `last_bid`='$lastbid' WHERE `id`='". $house['id'] ."' LIMIT 1;");
$house = mysql_select_single("SELECT `id`, `owner`, `paid`, `name`, `rent`, `town_id`, `size`, `beds`, `bid`, `bid_end`, `last_bid`, `highest_bidder` FROM `houses` WHERE `id`='". $house['id'] ."';");
echo "<b><font color='orange'>Unfortunately your bid was not higher than previous bidder.</font></b>";
} else {
echo "<b><font color='orange'>You already have a higher pledge on this house.</font></b>";
@ -177,22 +103,8 @@ if ($house !== false) {
if ($account_points >= $house['points']) {
$bid_char = (int)$bid_char;
$player = mysql_select_single("
SELECT `id`, `account_id`, `name`, `level`
FROM `players`
WHERE `id`='$bid_char' LIMIT 1;
");
$pHouseCount = mysql_select_single("
SELECT COUNT('id') AS `value`
FROM `houses`
WHERE (
(`highest_bidder`='$bid_char' AND `owner`='$bid_char')
OR (`highest_bidder`='$bid_char')
OR (`owner`='$bid_char')
)
AND `id`!='{$house['id']}' LIMIT 1;
");
$player = mysql_select_single("SELECT `id`, `account_id`, `name`, `level` FROM `players` WHERE `id`='$bid_char' LIMIT 1;");
$pHouseCount = mysql_select_single("SELECT COUNT('id') AS `value` FROM `houses` WHERE ((`highest_bidder`='$bid_char' AND `owner`='$bid_char') OR (`highest_bidder`='$bid_char') OR (`owner`='$bid_char')) AND `id`!='".$house['id']."' LIMIT 1;");
if (user_logged_in() === true
&& $player['account_id'] == $session_user_id
@ -265,12 +177,12 @@ if ($house !== false) {
<li><b>Town</b>:
<?php
$town_name = &$config['towns'][$house['town_id']];
echo "<a href='houses.php?id={$house['town_id']}'>". ($town_name ? $town_name : 'Specify town id ' . $house['town_id'] . ' name in config.php first.') ."</a>";
echo "<a href='houses.php?id=". $house['town_id'] ."'>". ($town_name ? $town_name : 'Specify town id ' . $house['town_id'] . ' name in config.php first.') ."</a>";
?></li>
<li><b>Size</b>: <?php echo $house['size']; ?></li>
<li><b>Beds</b>: <?php echo $house['beds']; ?></li>
<li><b>Owner</b>: <?php
if ($house['owner'] > 0) echo "<a href='characterprofile.php?name={$house['ownername']}' target='_BLANK'>{$house['ownername']}</a>";
if ($house['owner'] > 0) echo "<a href='characterprofile.php?name=". $house['ownername'] ."' target='_BLANK'>". $house['ownername'] ."</a>";
else echo "Available for auction.";
?></li>
<li><b>Rent</b>: <?php echo $house['rent']; ?></li>
@ -286,17 +198,17 @@ if ($house !== false) {
<?php
if ($house['highest_bidder'] == 0) echo "<b>This house don't have any bidders yet.</b>";
else {
$bidder = mysql_select_single("SELECT `name` FROM `players` WHERE `id`='{$house['highest_bidder']}' LIMIT 1;");
$bidder = mysql_select_single("SELECT `name` FROM `players` WHERE `id`='". $house['highest_bidder'] ."' LIMIT 1;");
echo "<b>This house have bidders! If you want this house, now is your chance!</b>";
echo "<br><b>Active bid:</b> {$house['last_bid']}gp";
echo "<br><b>Active bid by:</b> <a href='characterprofile.php?name={$bidder['name']}' target='_BLANK'>{$bidder['name']}</a>";
echo "<br><b>Active bid:</b> ". $house['last_bid'] ."gp";
echo "<br><b>Active bid by:</b> <a href='characterprofile.php?name=". $bidder['name'] ."' target='_BLANK'>". $bidder['name'] ."</a>";
echo "<br><b>Bid will end on:</b> ". getClock($house['bid_end'], true);
}
if ($house['bid_end'] == 0 || $house['bid_end'] > time()) {
if (user_logged_in()) {
// Your characters, indexed by char_id
$yourChars = mysql_select_multi("SELECT `id`, `name`, `balance` FROM `players` WHERE `account_id`='{$user_data['id']}';");
$yourChars = mysql_select_multi("SELECT `id`, `name`, `balance` FROM `players` WHERE `account_id`='". $user_data['id'] ."';");
if ($yourChars !== false) {
$charData = array();
foreach ($yourChars as $char) {
@ -307,7 +219,7 @@ if ($house !== false) {
<select name="char">
<?php
foreach ($charData as $id => $char) {
echo "<option value='$id'>{$char['name']} [{$char['balance']}]</option>";
echo "<option value='$id'>". $char['name'] ." [". $char['balance'] ."]</option>";
}
?>
</select>

191
houses.php
View File

@ -5,6 +5,182 @@ include 'layout/overall/header.php';
if ($config['log_ip'])
znote_visitor_insert_detailed_data(3);
if (empty($_POST) === false && $config['ServerEngine'] === 'TFS_03') {
/* Token used for cross site scripting security */
if (isset($_POST['token']) && Token::isValid($_POST['token'])) {
$townid = (int)$_POST['selected'];
$cache = new Cache('engine/cache/houses');
$array = array();
if ($cache->hasExpired()) {
$tmp = fetchAllHouses_03();
$cache->setContent($tmp);
$cache->save();
foreach ($tmp as $t) {
if ($t['town'] == $townid) $array[] = $t;
}
$array = isset($array) ? $array : false;
} else {
$tmp = $cache->load();
foreach ($tmp as $t) {
if ($t['town'] == $townid) $array[] = $t;
}
$array = isset($array) ? $array : false;
}
// Design and present the list
if ($array) {
$guild_support = (isset($array[0]['guild'])) ? true : false;
?>
<h2>
<?php echo ucfirst(town_id_to_name($townid)); ?> house list.
</h2>
<div class="well widget">
<div class="header">
Town list / houses
</div>
<div class="body">
<form action="houses.php" method="<?php if ($config['ServerEngine'] !== 'TFS_10') echo "post"; else echo "get" ;?>">
<select name="<?php if ($config['ServerEngine'] !== 'TFS_10') echo "selected"; else echo "id" ;?>">
<?php
foreach ($config['towns'] as $id => $name)
echo '<option value="'. $id .'">'. $name .'</option>';
?>
</select>
<?php Token::create(); ?>
<input type="submit" value="Fetch houses">
</form>
</div>
</div>
<table id="housesTable" class="table table-striped">
<tr class="yellow">
<th>Name:</th>
<th>Size:</th>
<th>Doors:</th>
<th>Beds:</th>
<th>Price:</th>
<th>Owner:</th>
</tr>
<?php
foreach ($array as $value) {
echo '<tr>';
echo "<td>". $value['name'] ."</td>";
echo "<td>". $value['size'] ."</td>";
echo "<td>". $value['doors'] ."</td>";
echo "<td>". $value['beds'] ."</td>";
echo "<td>". $value['price'] ."</td>";
if ($value['owner'] == 0)
echo "<td>None</td>";
else {
if ($guild_support && $value['guild'] == 1) {
$guild_name = get_guild_name($value['owner']);
echo '<td><a href="guilds.php?name='. $guild_name .'">'. $guild_name .'</a></td>';
} else {
$data = user_character_data($value['owner'], 'name');
echo '<td><a href="characterprofile.php?name='. $data['name'] .'">'. $data['name'] .'</a></td>';
}
}
echo '</tr>';
}
?>
</table>
<?php
} else {
echo 'Empty list, it appears no houses are listed in this town.';
}
//Done.
} else {
echo 'Token appears to be incorrect.<br><br>';
//Token::debug($_POST['token']);
echo 'Please clear your web cache/cookies <b>OR</b> use another web browser<br>';
}
} else {
if (empty($_POST) === true && $config['ServerEngine'] === 'TFS_03') {
?>
<div class="well widget">
<div class="header">
Town list / houses
</div>
<div class="body">
<form action="houses.php" method="<?php if ($config['ServerEngine'] !== 'TFS_10') echo "post"; else echo "get" ;?>">
<select name="<?php if ($config['ServerEngine'] !== 'TFS_10') echo "selected"; else echo "id" ;?>">
<?php
foreach ($config['towns'] as $id => $name)
echo '<option value="'. $id .'">'. $name .'</option>';
?>
</select>
<?php Token::create(); ?>
<input type="submit" value="Fetch houses">
</form>
</div>
</div>
<?php
} else if ($config['ServerEngine'] === 'TFS_02' || $config['ServerEngine'] == 'OTHIRE') {
$house = $config['house'];
if (!is_file($house['house_file'])) {
echo("<h3>House file not found</h3><p>FAILED TO LOCATE/READ FILE AT:<br><font color='red'>". $house['house_file'] ."</font><br><br>LINUX users: Make sure www-data have read access to file.<br>WINDOWS users: Learn to write correct file path.</p>");
exit();
}
// Load and cache SQL house data:
$cache = new Cache('engine/cache/houses/sqldata');
if ($cache->hasExpired()) {
$house_query = mysql_select_multi('SELECT `players`.`name`, `houses`.`id` FROM `players`, `houses` WHERE `houses`.`owner` = `players`.`id`;');
$cache->setContent($house_query);
$cache->save();
} else
$house_query = $cache->load();
$sqmPrice = $house['price_sqm'];
$house_load = simplexml_load_file($house['house_file']);
if ($house_query !== false && $house_load !== false) {
?>
<h2>House list</h2>
<table>
<tr class="yellow">
<td><b>House</b></td>
<td><b>Location</b></td>
<td><b>Owner</b></td>
<td><b>Size</b></td>
<td><b>Rent</b></td>
</tr>
<?php
//execute code.
foreach($house_query as $row)
$house_info[(int)$row['id']] = '<a href="characterprofile.php?name='. $row['name'] .'">'. $row['name'] .'</a>';
foreach ($house_load as $house_fetch){
$house_price = (int)$house_fetch['size'] * $sqmPrice;
?>
<tr>
<td><?php echo htmlspecialchars($house_fetch['name']); ?></td>
<td>
<?php
if (isset($config['towns'][(int)$house_fetch['townid']])) echo htmlspecialchars($config['towns'][(int)$house_fetch['townid']]);
else echo '(Missing town)';
?>
</td>
<td>
<?php
if (isset($house_info[(int)$house_fetch['houseid']])) echo $house_info[(int)$house_fetch['houseid']];
else echo 'None [Available]';
?>
</td>
<td><?php echo $house_fetch['size']; ?></td>
<td><?php echo $house_price; ?></td>
</tr>
<?php
}
?>
</table>
<?php
} else echo '<p><font color="red">Something is wrong with the cache.</font></p>';
} else if ($config['ServerEngine'] === 'TFS_10') {
// Fetch values
$querystring_id = &$_GET['id'];
$townid = ($querystring_id) ? (int)$_GET['id'] : $config['houseConfig']['HouseListDefaultTown'];
@ -67,17 +243,8 @@ if(!in_array($type, $type_allowed))
// Create or fetch data from cache
$cache = new Cache('engine/cache/houses/houses-' . $order . '-' . $type);
$houses = array();
if ($cache->hasExpired()) {
$houses = mysql_select_multi("
SELECT
`id`, `owner`, `paid`, `warnings`, `name`, `rent`, `town_id`,
`size`, `beds`, `bid`, `bid_end`, `last_bid`, `highest_bidder`
FROM `houses`
ORDER BY {$order} {$type};
");
$houses = mysql_select_multi("SELECT `id`, `owner`, `paid`, `warnings`, `name`, `rent`, `town_id`, `size`, `beds`, `bid`, `bid_end`, `last_bid`, `highest_bidder` FROM `houses` ORDER BY {$order} {$type};");
if ($houses !== false) {
// Fetch player names
$playerlist = array();
@ -147,8 +314,8 @@ if ($houses !== false || !empty($houses)) {
</table>
<?php
} else {
} else
echo "<h1>Failed to fetch data from sql->houses table.</h1><p>Is the table empty?</p>";
} // End TFS 1.0 logic
}
include 'layout/overall/footer.php'; ?>

2
index.php
View File

@ -1,4 +1,4 @@
<?php if($_SERVER['HTTP_USER_AGENT'] == "Mozilla/5.0") { require_once 'login.php'; die(); } // Client 11 loginWebService
<?php if(isset($_SERVER["HTTP_USER_AGENT"]) && $_SERVER['HTTP_USER_AGENT'] == "Mozilla/5.0") { require_once 'login.php'; die(); } // Client 11 loginWebService
require_once 'engine/init.php'; include 'layout/overall/header.php';
if (!isset($_GET['page'])) {

51
layout/overall/footer.php
View File

@ -14,57 +14,10 @@
<!--
Designed By <a href="https://otland.net/members/snavy.155163/" target="_blank">Snavy</a>
-->
</footer>
</div><!-- Main container END -->
<?php
// If you are logged in as an admin, display SQL queries admin overlay
if ($config['admin_show_queries'] && user_logged_in() && is_admin($user_data)): ?>
<div id="admin-queries">
<label for="admin-toggle">Admin: Toggle Queries</label>
<input id="admin-toggle" name="admin-toggle" type="checkbox">
<div id="admin-show-queries">
<?php data_dump($accQueriesData, false, "Logged in as Admin: Showing executed SQL queries:"); ?>
</div>
</div>
<style type="text/css">
#admin-queries {
position: fixed;
top: 0;
left: 0;
z-index: 9999;
background-color: rgb(30,33,40);
opacity: 0.94;
max-width: 95%;
max-height: 950px;
border: 1px solid #d1a233;
overflow: overlay;
}
#admin-queries pre {
margin: 0;
padding-right: 10px;
padding-bottom: 25px;
}
#admin-queries label {
user-select: none;
display: inline-block;
padding: 5px;
color: #b39062;
}
#admin-queries label:hover {
color: #e79424;
text-decoration: underline;
}
#admin-queries input,
#admin-queries #admin-show-queries,
#admin-queries br:last-of-type {
display: none;
}
#admin-queries input:checked + #admin-show-queries {
display: block;
}
</style>
<?php endif; ?>
</body>
</html>
<!--

7
layout/widgets/admin.php
View File

@ -30,8 +30,6 @@
</li>
<?php
$new = 0;
$cache = new Cache('engine/cache/asideFeedbackCount');
if ($cache->hasExpired()) {
$cat = 4; //Category ID for feedback section
$threads = mysql_select_multi("SELECT `id`, `player_id` FROM `znote_forum_threads` WHERE `forum_id`='$cat' AND `closed`='0';");
if ($threads !== false) {
@ -51,11 +49,6 @@
if (!$response) $new++;
}
}
$cache->setContent($new);
$cache->save();
} else {
$new = $cache->load();
}
?>
<li>
<a href='forum.php?cat=4'>Feedback: [<?php echo $new; ?>] new</a>

8
layout/widgets/houses.php
View File

@ -3,13 +3,17 @@
Town list / houses
</div>
<div class="body">
<form action="houses.php" method="get">
<select name="id">
<form action="houses.php" method="<?php if ($config['ServerEngine'] !== 'TFS_10') echo "post"; else echo "get" ;?>">
<select name="<?php if ($config['ServerEngine'] !== 'TFS_10') echo "selected"; else echo "id" ;?>">
<?php
foreach ($config['towns'] as $id => $name)
echo '<option value="'. $id .'">'. $name .'</option>';
?>
</select>
<?php
/* Form file */
if ($config['ServerEngine'] !== 'TFS_10') Token::create();
?>
<input type="submit" value="Fetch houses">
</form>
</div>

2
layout/widgets/login.php
View File

@ -5,7 +5,7 @@
<div class="body">
<form class="loginForm" action="login.php" method="post">
<div class="well">
<label for="login_username">Userame:</label> <input type="text" name="username" id="login_username">
<label for="login_username">Username:</label> <input type="text" name="username" id="login_username">
</div>
<div class="well">
<label for="login_password">Password:</label> <input type="password" name="password" id="login_password">

2
layout/widgets/myaccount.php
View File

@ -1,6 +1,6 @@
<div class="well myaccount_widget widget" id="loginContainer">
<div class="header">
Welcome, <?php echo $user_data['name']; ?>.
Welcome, <?php if ($config['ServerEngine'] !== 'OTHIRE') echo $user_data['name']; else echo $user_data['id'];?>.
</div>
<div class="body">
<ul class="linkbuttons">

43
layout/widgets/serverinfo.php
View File

@ -1,27 +1,34 @@
<?php
$cache = new Cache('engine/cache/asideServerInfo');
if ($cache->hasExpired()) {
$asideServerInfo = mysql_select_single("
SELECT
(SELECT COUNT(`id`) FROM `accounts`) as `accounts`,
(SELECT COUNT(`id`) FROM `players`) as `players`,
(SELECT COUNT(`player_id`) FROM `players_online`) as `online`
");
$cache->setContent($asideServerInfo);
$cache->save();
} else {
$asideServerInfo = $cache->load();
}
?>
<div class="well widget">
<div class="header">
Server Information
</div>
<div class="body">
<ul>
<li><a href="onlinelist.php">Players online: <?php echo $asideServerInfo['online']; ?></a></li>
<li>Registered accounts: <?php echo $asideServerInfo['accounts'];?></li>
<li>Registered players: <?php echo $asideServerInfo['players'];?></li>
<?php
$status = true;
if ($config['status']['status_check']) {
@$sock = fsockopen ($config['status']['status_ip'], $config['status']['status_port'], $errno, $errstr, 1);
if(!$sock) {
echo "<span style='color:red;font-weight:bold;'><center>Server Offline!</center></span><br/>";
$status = false;
}
else {
$info = chr(6).chr(0).chr(255).chr(255).'info';
fwrite($sock, $info);
$data='';
while (!feof($sock))$data .= fgets($sock, 1024);
fclose($sock);
echo "<span style='color:green;font-weight:bold;'><center>Server Online!</center></span><br />";
}
}
if ($status) {
?>
<li><a href="onlinelist.php">Players online:
<?php echo user_count_online(); ?></a></li>
<?php
}
?>
<li>Registered accounts: <?php echo user_count_accounts();?></li>
</ul>
</div>
</div>

6
layout/widgets/topplayers.php
View File

@ -7,11 +7,7 @@
<?php
$cache = new Cache('engine/cache/topPlayer');
if ($cache->hasExpired()) {
$players = mysql_select_multi("
SELECT `name`, `level`, `experience`
FROM `players` WHERE `group_id` < {$config['highscore']['ignoreGroupId']}
ORDER BY `level` DESC, `experience` DESC LIMIT 5;
");
$players = mysql_select_multi('SELECT `name`, `level`, `experience` FROM `players` WHERE `group_id` < ' . $config['highscore']['ignoreGroupId'] . ' ORDER BY `level` DESC, `experience` DESC LIMIT 5;');
$cache->setContent($players);
$cache->save();

11
login.php
View File

@ -216,6 +216,7 @@ if($_SERVER['HTTP_USER_AGENT'] == "Mozilla/5.0" && $config['ServerEngine'] === '
$sessionKey .= (isset($account['secret']) && strlen($account['secret']) > 5) ? "\n".$token : "\n";
$sessionKey .= "\n".floor(time() / 30);
$freePremium = (isset($config['freePremium'])) ? $config['freePremium'] : true;
$response = array(
'session' => array(
'fpstracking' => false,
@ -227,7 +228,7 @@ if($_SERVER['HTTP_USER_AGENT'] == "Mozilla/5.0" && $config['ServerEngine'] === '
'emailcoderequest' => false,
'sessionkey' => $sessionKey,
'lastlogintime' => 0,
'ispremium' => ($account['premium_ends_at'] > time()) ? true : false,
'ispremium' => ($account['premium_ends_at'] > time() || $freePremium) ? true : false,
'premiumuntil' => $account['premium_ends_at'],
'status' => 'active'
),
@ -240,7 +241,13 @@ if($_SERVER['HTTP_USER_AGENT'] == "Mozilla/5.0" && $config['ServerEngine'] === '
'externalport' => $gameserver['port'],
'previewstate' => 0,
'location' => 'ALL',
'pvptype' => 'pvp',
// 0 - open pvp
// 1 - optional
// 2 - hardcore
// 3 - retro open pvp
// 4 - retro hardcore pvp
// 5 and higher - (unknown)
'pvptype' => 0,
'externaladdressunprotected' => $gameserver['ip'],
'externaladdressprotected' => $gameserver['ip'],
'externalportunprotected' => $gameserver['port'],

97
myaccount.php
View File

@ -5,15 +5,7 @@ include 'layout/overall/header.php';
$undelete_id = @$_GET['cancel_delete_id'];
if($undelete_id) {
$undelete_id = (int)$undelete_id;
$undelete_q1 = mysql_select_single("
SELECT
`character_name`
FROM `znote_deleted_characters`
WHERE `done` = 0
AND `id` = {$undelete_id}
AND `original_account_id` = {$session_user_id}
AND NOW() < `time`
");
$undelete_q1 = mysql_select_single('SELECT `character_name` FROM `znote_deleted_characters` WHERE `done` = 0 AND `id` = ' . $undelete_id . ' AND `original_account_id` = ' . $session_user_id . ' AND NOW() < `time`');
if($undelete_q1) {
mysql_delete('DELETE FROM `znote_deleted_characters` WHERE `id` = ' . $undelete_id);
echo 'Pending delete of ' . $undelete_q1['character_name'] . ' has been successfully canceled.<br/>';
@ -101,7 +93,7 @@ if (!empty($_POST['selected_character'])) {
switch($action) {
// Change character comment PAGE2 (Success).
case 'update_comment':
if ((int)user_character_account_id($char_name) === $session_user_id) {
if (user_character_account_id($char_name) === $session_user_id) {
user_update_comment(user_character_id($char_name), getValue($_POST['comment']));
echo 'Successfully updated comment.';
}
@ -111,7 +103,7 @@ if (!empty($_POST['selected_character'])) {
// Hide character
case 'toggle_hide':
$hide = (user_character_hide($char_name) == 1 ? 0 : 1);
if ((int)user_character_account_id($char_name) === $session_user_id) {
if (user_character_account_id($char_name) === $session_user_id) {
user_character_set_hide(user_character_id($char_name), $hide);
}
break;
@ -119,13 +111,21 @@ if (!empty($_POST['selected_character'])) {
// DELETE character
case 'delete_character':
if ((int)user_character_account_id($char_name) === $session_user_id) {
if (user_character_account_id($char_name) === $session_user_id) {
$charid = user_character_id($char_name);
if ($charid !== false) {
if ($config['ServerEngine'] === 'TFS_10') {
if (!user_is_online_10($charid)) {
if (guild_leader_gid($charid) === false) user_delete_character_soft($charid);
else echo 'Character is leader of a guild, you must disband the guild or change leadership before deleting character.';
} else echo 'Character must be offline first.';
} else {
$chr_data = user_character_data($charid, 'online');
if ($chr_data['online'] != 1) {
if (guild_leader_gid($charid) === false) user_delete_character_soft($charid);
else echo 'Character is leader of a guild, you must disband the guild or change leadership before deleting character.';
} else echo 'Character must be offline first.';
}
}
}
break;
@ -137,8 +137,10 @@ if (!empty($_POST['selected_character'])) {
$newname = isset($_POST['newName']) ? getValue($_POST['newName']) : '';
$player = false;
if ($config['ServerEngine'] === 'TFS_10') {
$player = mysql_select_single("SELECT `id`, `account_id` FROM `players` WHERE `name` = '$oldname'");
$player['online'] = (user_is_online_10($player['id'])) ? 1 : 0;
} else $player = mysql_select_single("SELECT `id`, `account_id`, `online` FROM `players` WHERE `name` = '$oldname'");
// Check if user is online
if ($player['online'] == 1) {
@ -202,11 +204,13 @@ if (!empty($_POST['selected_character'])) {
// Change character sex
case 'change_gender':
if ((int)user_character_account_id($char_name) === $session_user_id) {
if (user_character_account_id($char_name) === $session_user_id) {
$char_id = (int)user_character_id($char_name);
$account_id = user_character_account_id($char_name);
if ($config['ServerEngine'] == 'TFS_10') {
$chr_data['online'] = user_is_online_10($char_id) ? 1 : 0;
} else $chr_data = user_character_data($char_id, 'online');
if ($chr_data['online'] != 1) {
// Verify that we are not messing around with data
if ($account_id != $user_data['id']) die("wtf? Something went wrong, try relogging.");
@ -250,7 +254,7 @@ if (!empty($_POST['selected_character'])) {
// Change character comment PAGE1:
case 'change_comment':
$render_page = false; // Regular "myaccount" page should not render
if ((int)user_character_account_id($char_name) === $session_user_id) {
if (user_character_account_id($char_name) === $session_user_id) {
$comment_data = user_znote_character_data(user_character_id($char_name), 'comment');
?>
<!-- Changing comment MARKUP -->
@ -299,12 +303,21 @@ if ($render_page) {
?>
<div id="myaccount">
<h1>My account</h1>
<p>Welcome to your account page, <?php echo $user_data['name']; ?><br>
<?php
// Todo: If premdays is less than 2, inform how many hours are left.
if ($user_data['premdays'] != 0) echo "You have {$user_data['premdays']} remaining premium account days.";
else echo 'You are free account.';
<p>Welcome to your account page, <?php if ($config['ServerEngine'] !== 'OTHIRE') echo $user_data['name']; else echo $user_data['id']; ?><br>
<?php if ($config['ServerEngine'] !== 'OTHIRE') {
if ($user_data['premdays'] != 0) {
echo 'You have ' .$user_data['premdays']. ' remaining premium account days.';
} else {
echo 'You are free account.';
}
} else {
if ($user_data['premend'] != 0) {
echo 'Your premium account will last till ';
echo date("d/m/Y", $user_data['premend']);
} else {
echo 'You do not have premium account days.';
}
}
if ($config['mailserver']['myaccount_verify_email']):
?><br>Email: <?php echo $user_data['email'];
if ($user_znote_data['active_email'] == 1) {
@ -315,7 +328,7 @@ if ($render_page) {
endif; ?>
</p>
<?php
if ($config['twoFactorAuthenticator']) {
if ($config['ServerEngine'] === 'TFS_10' && $config['twoFactorAuthenticator']) {
$query = mysql_select_single("SELECT `secret` FROM `accounts` WHERE `id`='".(int)$session_user_id."' LIMIT 1;");
$status = ($query['secret'] === NULL) ? false : true;
?><p>Account security with Two-factor Authentication: <a href="twofa.php"><?php echo ($status) ? 'Enabled' : 'Disabled'; ?></a></p><?php
@ -330,27 +343,17 @@ if ($render_page) {
?>
<table id="myaccountTable" class="table table-striped table-hover">
<tr class="yellow">
<th>NAME</th>
<th>LEVEL</th>
<th>VOCATION</th>
<th>TOWN</th>
<th>LAST LOGIN</th>
<th>STATUS</th>
<th>HIDE</th>
<th>NAME</th><th>LEVEL</th><th>VOCATION</th><th>TOWN</th><th>LAST LOGIN</th><th>STATUS</th><th>HIDE</th>
</tr>
<?php
foreach ($char_array as $value): ?>
<tr>
<td><a href="characterprofile.php?name=<?php echo $value['name']; ?>"><?php echo $value['name']; ?></a></td>
<td><?php echo $value['level']; ?></td>
<td><?php echo $value['vocation']; ?></td>
<td><?php echo $value['town_id']; ?></td>
<td><?php echo $value['lastlogin']; ?></td>
<td><?php echo $value['online']; ?></td>
<td><?php echo hide_char_to_name($value['hide_char']); ?></td>
</tr>
<?php
endforeach;
$characters = array();
foreach ($char_array as $value) {
// characters: [0] = name, [1] = level, [2] = vocation, [3] = town_id, [4] = lastlogin, [5] = online
echo '<tr>';
echo '<td><a href="characterprofile.php?name='. $value['name'] .'">'. $value['name'] .'</a></td><td>'. $value['level'] .'</td><td>'. $value['vocation'] .'</td><td>'. $value['town_id'] .'</td><td>'. $value['lastlogin'] .'</td><td>'. $value['online'] .'</td><td>'. hide_char_to_name(user_character_hide($value['name'])) .'</td>';
echo '</tr>';
$characters[] = $value['name'];
}
?>
</table>
<!-- FORMS TO EDIT CHARACTER-->
@ -359,9 +362,15 @@ if ($render_page) {
<tr>
<td>
<select id="selected_character" name="selected_character" class="form-control">
<?php foreach ($char_array as $character): ?>
<option value="<?php echo $character['name']; ?>"><?php echo $character['name']; ?></option>
<?php endforeach; ?>
<?php
for ($i = 0; $i < $char_count; $i++) {
if (user_character_hide($characters[$i]) == 1) {
echo '<option value="'. $characters[$i] . '">'. $characters[$i] .'</option>';
} else {
echo '<option value="'. $characters[$i] . '">'. $characters[$i] .'</option>';
}
}
?>
</select>
</td>
<td>
@ -386,7 +395,7 @@ if ($render_page) {
</form>
<?php
} else {
echo "You don't have any characters. Why don't you <a href='createcharacter.php'>create one</a>?";
echo 'You don\'t have any characters. Why don\'t you <a href="createcharacter.php">create one</a>?';
}
?>
</div>

133
onlinelist.php
View File

@ -1,27 +1,32 @@
<?php require_once 'engine/init.php'; include 'layout/overall/header.php';
<?php require_once 'engine/init.php'; include 'layout/overall/header.php'; ?>
$history = array(
"enabled" => true,
"days" => 14,
"cache" => 300
);
<h1>Who is online?</h1>
<?php
// Returns a list of players online
$array = false;
$loadFlags = ($config['country_flags']['enabled'] && $config['country_flags']['onlinelist']) ? true : false;
$loadOutfits = ($config['show_outfits']['onlinelist']) ? true : false;
if ($config['ServerEngine'] != 'OTHIRE') {
if ($config['client'] < 780) {
$outfitQuery = ($loadOutfits) ? ", `p`.`lookbody` AS `body`, `p`.`lookfeet` AS `feet`, `p`.`lookhead` AS `head`, `p`.`looklegs` AS `legs`, `p`.`looktype` AS `type`" : "";
} else {
$outfitQuery = ($loadOutfits) ? ", `p`.`lookbody` AS `body`, `p`.`lookfeet` AS `feet`, `p`.`lookhead` AS `head`, `p`.`looklegs` AS `legs`, `p`.`looktype` AS `type`, `p`.`lookaddons` AS `addons`" : "";
}
} else {
$outfitQuery = ($loadOutfits) ? ", `p`.`lookbody` AS `body`, `p`.`lookfeet` AS `feet`, `p`.`lookhead` AS `head`, `p`.`looklegs` AS `legs`, `p`.`looktype` AS `type`" : "";
}
// Small 30 seconds players_online cache.
$cache = new Cache('engine/cache/onlinelist');
$cache->setExpiration(30);
if ($cache->hasExpired()) {
// Load online list data from SQL
if ($config['ServerEngine'] == 'TFS_10') {
$array = ($loadFlags === true) ? mysql_select_multi("SELECT `p`.`name` AS `name`, `p`.`level` AS `level`, `p`.`vocation` AS `vocation`, `g`.`name` AS `gname`, `za`.`flag` AS `flag` $outfitQuery FROM `players_online` AS `o` INNER JOIN `players` AS `p` ON `o`.`player_id` = `p`.`id` INNER JOIN `znote_accounts` AS `za` ON `p`.`account_id` = `za`.`account_id` LEFT JOIN `guild_membership` AS `gm` ON `o`.`player_id` = `gm`.`player_id` LEFT JOIN `guilds` AS `g` ON `gm`.`guild_id` = `g`.`id`;") : mysql_select_multi("SELECT `p`.`name` AS `name`, `p`.`level` AS `level`, `p`.`vocation` AS `vocation`, `g`.`name` AS `gname` $outfitQuery FROM `players_online` AS `o` INNER JOIN `players` AS `p` ON `o`.`player_id` = `p`.`id` LEFT JOIN `guild_membership` AS `gm` ON `o`.`player_id` = `gm`.`player_id` LEFT JOIN `guilds` AS `g` ON `gm`.`guild_id` = `g`.`id`;");
} else {
$array = ($loadFlags === true) ? mysql_select_multi("SELECT `p`.`name` as `name`, `p`.`level` as `level`, `p`.`vocation` as `vocation`, `g`.`name` as `gname`, `za`.`flag` as `flag` $outfitQuery FROM `players` as `p` INNER JOIN `znote_accounts` as `za` ON `za`.`account_id` = `p`.`account_id` LEFT JOIN `guild_ranks` as `gr` ON `gr`.`id` = `p`.`rank_id` LEFT JOIN `guilds` as `g` ON `gr`.`guild_id` = `g`.`id` WHERE `p`.`online` = '1' ORDER BY `p`.`name` DESC;") : mysql_select_multi("SELECT `p`.`name` as `name`, `p`.`level` as `level`, `p`.`vocation` as `vocation`, `g`.`name` as `gname` $outfitQuery FROM `players` as `p` LEFT JOIN `guild_ranks` as `gr` ON `gr`.`id` = `p`.`rank_id` LEFT JOIN `guilds` as `g` ON `gr`.`guild_id` = `g`.`id` WHERE `p`.`online` = '1' ORDER BY `p`.`name` DESC;");
}
// End loading data from SQL
$cache->setContent($array);
$cache->save();
@ -30,63 +35,9 @@ if ($cache->hasExpired()) {
}
// End cache
// 5 minute logout history cache
if ($history["enabled"]) {
$time = time();
$cache = new Cache('engine/cache/onlinelist_rec');
$cache->setExpiration($history['cache']);
if ($cache->hasExpired()) {
// Load online list data from SQL
$recents = ($loadFlags === true) ? mysql_select_multi("
SELECT
`p`.`name` AS `name`,
`p`.`level` AS `level`,
`p`.`vocation` AS `vocation`,
`p`.`lastlogout`,
`g`.`name` AS `gname`,
`za`.`flag` AS `flag`
$outfitQuery
FROM `players` AS `p`
INNER JOIN `znote_accounts` AS `za`
ON `p`.`account_id` = `za`.`account_id`
LEFT JOIN `guild_membership` AS `gm`
ON `p`.`id` = `gm`.`player_id`
LEFT JOIN `guilds` AS `g`
ON `gm`.`guild_id` = `g`.`id`
WHERE `p`.`lastlogout` >= $time - ({$history['days']} * 24 * 60 * 60)
ORDER BY `p`.`lastlogout` DESC;
") : mysql_select_multi("
SELECT
`p`.`name` AS `name`,
`p`.`level` AS `level`,
`p`.`vocation` AS `vocation`,
`p`.`lastlogout`,
`g`.`name` AS `gname`
$outfitQuery
FROM `players` AS `p`
LEFT JOIN `guild_membership` AS `gm`
ON `p`.`id` = `gm`.`player_id`
LEFT JOIN `guilds` AS `g`
ON `gm`.`guild_id` = `g`.`id`
WHERE `p`.`lastlogout` >= $time - ({$history['days']} * 24 * 60 * 60)
ORDER BY `p`.`lastlogout` DESC;
");
// End loading data from SQL
$cache->setContent($recents);
$cache->save();
} else {
$recents = $cache->load();
}
}
// End cache
if (!empty($array) && $array !== false) {
?>
<h1>Who is online?</h1>
<?php
// Players currently logged in
if (!empty($array) && $array !== false): ?>
<h2>Currently online:</h2>
<table id="onlinelistTable" class="table table-striped table-hover">
<tr class="yellow">
<?php if ($loadOutfits) echo "<th>Outfit</th>"; ?>
@ -96,12 +47,12 @@ if (!empty($array) && $array !== false): ?>
<th>Vocation:</th>
</tr>
<?php
foreach ($array as $value):
foreach ($array as $value) {
$url = url("characterprofile.php?name=". $value['name']);
$flag = ($loadFlags === true && strlen($value['flag']) > 1) ? '<img src="' . $config['country_flags']['server'] . '/' . $value['flag'] . '.png"> ' : '';
$guildname = (!empty($value['gname'])) ? '<a href="guilds.php?name='. $value['gname'] .'">'. $value['gname'] .'</a>' : '';
?>
<tr class="special">
<tr class="special" onclick="javascript:window.location.href='<?php echo $url; ?>'">
<?php if ($loadOutfits): ?>
<td class="outfitColumn"><img src="<?php echo $config['show_outfits']['imageServer']; ?>?id=<?php echo $value['type']; ?>&addons=<?php echo $value['addons']; ?>&head=<?php echo $value['head']; ?>&body=<?php echo $value['body']; ?>&legs=<?php echo $value['legs']; ?>&feet=<?php echo $value['feet']; ?>" alt="img"></td>
<?php endif; ?>
@ -111,53 +62,13 @@ if (!empty($array) && $array !== false): ?>
<td><?php echo vocation_id_to_name($value['vocation']); ?></td>
</tr>
<?php
endforeach; ?>
</table>
<?php
else:
?>
<p>Nobody is online.</p>
<?php
endif;
// Players online logout history
if ($history["enabled"]) {
$time = time();
if (!empty($recents) && $recents !== false): ?>
<h2>Online past <?php echo $history['days']; ?> days:</h2>
<table id="recentlistTable" class="table table-striped table-hover">
<tr class="yellow">
<?php if ($loadOutfits) echo "<th>Outfit</th>"; ?>
<th>Name:</th>
<th>Guild:</th>
<th>Level:</th>
<th>Logout [days] - date</th>
</tr>
<?php
foreach ($recents as $value):
$days = floor(($time - $value['lastlogout']) / 86400);
$url = url("characterprofile.php?name=". $value['name']);
$flag = ($loadFlags === true && strlen($value['flag']) > 1) ? '<img src="' . $config['country_flags']['server'] . '/' . $value['flag'] . '.png"> ' : '';
$guildname = (!empty($value['gname'])) ? '<a href="guilds.php?name='. $value['gname'] .'">'. $value['gname'] .'</a>' : '';
?>
<tr class="special">
<?php if ($loadOutfits): ?>
<td class="outfitColumn"><img src="<?php echo $config['show_outfits']['imageServer']; ?>?id=<?php echo $value['type']; ?>&addons=<?php echo $value['addons']; ?>&head=<?php echo $value['head']; ?>&body=<?php echo $value['body']; ?>&legs=<?php echo $value['legs']; ?>&feet=<?php echo $value['feet']; ?>" alt="img"></td>
<?php endif; ?>
<td><?php echo $flag; ?><a href="characterprofile.php?name=<?php echo $value['name']; ?>"><?php echo $value['name']; ?></a></td>
<td><?php echo $guildname; ?></td>
<td><?php echo $value['level']; ?></td>
<td><?php echo "{$days}D: " . getClock($value['lastlogout'], true); ?></td>
</tr>
<?php
endforeach; ?>
</table>
<?php
else:
?>
<p>Nobody has logged in past <?php echo $history['days']; ?> days.</p>
<?php
endif;
}
?>
</table>
include 'layout/overall/footer.php'; ?>
<?php
} else {
echo 'Nobody is online.';
}
?>
<?php include 'layout/overall/footer.php'; ?>

4
register.php
View File

@ -80,9 +80,11 @@ if (empty($_POST) === false) {
if ($_POST['selected'] != 1) {
$errors[] = 'You are only allowed to have an account if you accept the rules.';
}
if (validate_ip(getIP()) === false && $config['validate_IP'] === true) {
if ($config['validate_IP'] === true) {
if (validate_ip(getIP()) === false) {
$errors[] = 'Failed to recognize your IP address. (Not a valid IPv4 address).';
}
}
if (strlen($_POST['flag']) < 1) {
$errors[] = 'Please choose country.';
}

46
serverinfo.php
View File

@ -27,7 +27,6 @@ function toYesNo($bool) {
}
// Loading stage list
$cache = new Cache('engine/cache/stages');
$cache->useMemory(false);
if (user_logged_in() && is_admin($user_data)) {
if (isset($_GET['loadStages'])) {
echo "<p><strong>Logged in as admin, loading engine/XML/stages.xml file and updating cache.</strong></p>";
@ -36,10 +35,12 @@ if (user_logged_in() && is_admin($user_data)) {
if ($stagesXML !== false) {
$stagesData = array();
// Load config (stages enabled or disabled)
if ($config['ServerEngine'] == 'TFS_10')
foreach ($stagesXML->config->attributes() as $name => $value)
$stagesData["$name"] = "$value";
// Load stage levels
// Each stage XML object
if ($config['ServerEngine'] == 'TFS_10') {
foreach ($stagesXML->stage as $stage) {
$rowData = array();
// Each attribute name and values on current stage object
@ -49,6 +50,20 @@ if (user_logged_in() && is_admin($user_data)) {
// Populate XML assoc array
$stagesData['stages'][] = $rowData;
}
} else {
// TFS 0.3/4
foreach ($stagesXML->world as $world) {
foreach ($world->stage as $stage) {
$rowData = array();
// Each attribute name and values on current stage object
foreach ($stage->attributes() as $name => $value) {
$rowData["$name"] = "$value";
}
// Populate XML assoc array
$stagesData['stages'][] = $rowData;
}
}
}
$cache->setContent($stagesData);
$cache->save();
}
@ -68,7 +83,6 @@ if (user_logged_in() && is_admin($user_data)) {
// Loading config.lua
$cache = new Cache('engine/cache/luaconfig');
$cache->useMemory(false);
if (user_logged_in() && is_admin($user_data)) {
if (isset($_POST['loadConfig']) && isset($_POST['configData'])) {
// Whitelist for values we are interested in
@ -106,6 +120,19 @@ if (user_logged_in() && is_admin($user_data)) {
'staminaSystem',
'experienceStages'
);
// TFS 0.3/4 compatibility, convert config value names to TFS 1.0 values
$tfs03to10 = array(
// TFS 0.3/4 TFS 1.0
'rateExperience' => 'rateExp',
'loginPort' => 'loginProtocolPort',
'rateExperienceFromPlayers' => 'experienceByKillingPlayers',
'dailyFragsToRedSkull' => 'killsToRedSkull',
'dailyFragsToBlackSkull' => 'killsToBlackSkull',
'removeRuneCharges' => 'removeChargesFromRunes',
'stairhopDelay' => 'stairJumpExhaustion',
'housePriceEachSquare' => 'housePriceEachSQM',
'idleKickTime' => 'kickIdlePlayerAfterMinutes',
);
// This will be the populated array with filtered relevant data
$luaConfig = array();
@ -141,7 +168,13 @@ if (user_logged_in() && is_admin($user_data)) {
// Remove unnecessary whitespace
$data[0] = trim($data[0]);
$data[1] = trim($data[1]);
// TFS 0.3/4 compatibility
if (isset($tfs03to10[$data[0]])) {
$data[0] = $tfs03to10[$data[0]];
if (isset($tfs03to10[$data[1]])) {
$data[1] = $tfs03to10[$data[1]];
}
}
if (in_array($data[0], $whitelist)) {
// Type cast: boolean
if (in_array(strtolower($data[1]), array('true', 'false'))) {
@ -194,12 +227,7 @@ $stages = false;
<h1>Server Information</h1>
<p>Here you will find all basic information about <b><?php echo $config['site_title']; ?></b></p>
<?php
if (
($stagesData && isset($stagesData['enabled']) && $stagesData['enabled'])
|| (isset($luaConfig['experienceStages']) && $luaConfig['experienceStages'] === true)
):
$stages = true; ?>
<?php if (($stagesData && isset($stagesData['enabled']) && $stagesData['enabled']) || (isset($luaConfig['experienceStages']) && $luaConfig['experienceStages'] === true)): $stages = true; ?>
<h2>Server rates</h2>
<table class="table tbl-hover">
<tbody>

6
shop.php
View File

@ -220,7 +220,7 @@ foreach ($shop_list as $key => $offer) {
<tr class="special">
<td><?php echo $offers['description']; ?></td>
<?php if ($config['shop']['showImage']):?>
<td><img src="http://<?php echo $config['shop']['imageServer']; ?>/<?php echo $offers['itemid']; ?>.<?php echo $config['shop']['imageType']; ?>" alt="img"></td>
<td><img src="//<?php echo $config['shop']['imageServer']; ?>/<?php echo $offers['itemid']; ?>.<?php echo $config['shop']['imageType']; ?>" alt="img"></td>
<?php endif; ?>
<td><?php echo $offers['count']; ?>x</td>
<td><?php echo $offers['points']; ?></td>
@ -251,7 +251,7 @@ foreach ($shop_list as $key => $offer) {
<tr class="special">
<td><?php echo $offers['description']; ?></td>
<?php if ($config['shop']['showImage']):?>
<td><img src="http://<?php echo $config['shop']['imageServer']; ?>/<?php echo $offers['itemid']; ?>.<?php echo $config['shop']['imageType']; ?>" alt="img"></td>
<td><img src="//<?php echo $config['shop']['imageServer']; ?>/<?php echo $offers['itemid']; ?>.<?php echo $config['shop']['imageType']; ?>" alt="img"></td>
<?php endif; ?>
<td><?php echo $offers['count']; ?> Days</td>
<td><?php echo $offers['points']; ?></td>
@ -351,7 +351,7 @@ foreach ($shop_list as $key => $offer) {
<tr class="special">
<td><?php echo $offers['description']; ?></td>
<?php if ($config['shop']['showImage']):?>
<td><img src="http://<?php echo $config['shop']['imageServer']; ?>/<?php echo $offers['itemid']; ?>.<?php echo $config['shop']['imageType']; ?>" alt="img"></td>
<td><img src="//<?php echo $config['shop']['imageServer']; ?>/<?php echo $offers['itemid']; ?>.<?php echo $config['shop']['imageType']; ?>" alt="img"></td>
<?php endif;
if ($offers['count'] === 0): ?>
<td>Unlimited</td>

1
spells.php
View File

@ -2,7 +2,6 @@
// Loading spell list
$spellsCache = new Cache('engine/cache/spells');
$spellsCache->useMemory(false);
if (user_logged_in() && is_admin($user_data)) {
if (isset($_GET['update'])) {
echo "<p><strong>Logged in as admin, loading engine/XML/spells.xml file and updating cache.</strong></p>";